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Farmers  Fear  Livestock  ID  Mandate 

Tracking  animals  with  RFID  could  prove  pricey,  they  say 


Philly  Flushes 
Oracle  Out  of 
Water  Bill  Project 

City  switches  vendors  to  revive  Project 
Ocean;  Oracle  will  cover  $6.9M  in  costs 


BY  MATT  HAMBLEN 

The  city  of  Philadelphia  has 
restarted  a  water  billing  sys¬ 
tem  project  after  a  14-month 
shutdown,  although  it  is 
replacing  most  of  the  Oracle 
applications  it  planned  to  use 
with  new  software. 

Citing  figures  released  by 
the  city  solicitor,  Philadelphia 
CIO  Terry  Phillis 
said  last  week  that 
the  city  has  also 
signed  an  amended 
contract  with 
Oracle  Corp.  in 
which  the  compa¬ 
ny  agreed  to  pay  or 
forgive  costs  total¬ 
ing  $6.9  million. 

In  addition,  Phil¬ 
lis  said  a  team  of 
managers  from 
three  city  agencies 
has  been  created  to  oversee 
the  revived  initiative,  which 
is  code-named  Project  Ocean. 
And  the  CIO  will  directly 
oversee  the  integration  of  the 
new  billing  software  himself 


My  head 
is  going 
to  be  on  tne 
block  anyway, 
so  I’d  rather 
have  control  of 
my  own  destiny. 

PHILA¬ 
DELPHIA  CIO,  WHO  WILL 
OVERSEE  THE  CITY'S 
BASIS2  DEPLOYMENT 


in  an  effort  to  better  manage 
the  costs.  “My  head  is  going 
to  be  on  the  block  anyway,  so 
I’d  rather  have  control  of  my 
own  destiny  than  have  it  in  the 
hands  of  a  third  party,”  he  said. 

Work  on  Project  Ocean  was 
suspended  in  October  2005  af¬ 
ter  the  city  had  spent  $18  mil¬ 
lion  —  twice  what  it  initially 
expected  to  spend 
—  without  getting 
a  working  system. 
Last  September, 
officials  said  they 
had  reached  an 
agreement  in  prin¬ 
ciple  with  Oracle 
that  would  let  the 
city  install  third- 
party  utility  bill¬ 
ing  software,  then 
unidentified,  at  no 
extra  cost. 

Phillis  said  last  week  that  the 
city  plans  to  use  Basis2,  an  off- 
the-shelf  billing  and  revenue 
management  package  devel¬ 
oped  by  Prophecy  Internation- 
Oracle  Project,  page  15 


BY  MARC  L.  SONOINI 

Independent  livestock  ranch¬ 
ers  last  week  were  quick  to 
criticize  signals  that  the  new 
Congress  may  soon  mandate 
implementation  of  the  RFID- 
based  National  Animal  Identi¬ 
fication  System. 

Signing  on  to  the  NAIS 


program  has  been  voluntary 
since  it  was  first  proposed  in 
2003,  but  Rep.  Collin  Peterson 
(D-Minn.),  the  new  chairman 
of  the  House  Agriculture 
Committee,  said  last  week  that 
he  may  soon  push  for  the  pro¬ 
gram  to  become  mandatory. 

“The  voluntary  approach  is  a 


good  steppingstone  in  the  proc¬ 
ess  of  achieving  a  functioning 
animal  ID  system,”  Peterson 
said.  “But  full  participation 
may  ultimately  be  necessary 
in  order  to  ensure  that  we 
have  a  system  that  meets  the 
needs  of  livestock  producers 

ID  Mandate,  page  36 
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It's  hard  to  work  like  a  team  when  only  the  big  players  have  remote  access.  With 
Microsoft®  Exchange  Server  2007,  everyone  can  connect  and  collaborate  anywhere 
they  go  through  a  unified  e-mail,  v-mail,  and  calendar  system  offering  advanced 
security.  See  how  BT®  is  able  to  help  its  global  team  work  more  efficiently  at 

microsoft.com/exchange 
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The  AMD  Opteron'" 
processor  provides 
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performance. 


INTRODUCING  THE  NEW  DELL™  POWEREDGE™  6950  SERVER. 


Meet  the  new  4-socket  Deli  PowerEdge  6950  server.  It’s  ideal  for  your 
big  business,  since  it’s  primed  to  handle  all  your  mission-critical 
database  and  virtualization  apps.  And  Dell  tests  leading  operating 
systems  and  applications  on  its  servers  to  help  ensure  seamless 
productivity.  So  the  sky  is  no  longer  the  limit.  Business  solutions 
designed  with  one  company  in  mind.  Yours. 
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Smart  Printers,  Scary  Printers 

In  the  Technology  section:  Today’s  high-tech,  networked  print¬ 
ers  —  yes,  printers  —  can  open  your  corporate  network  to 
viruses  or  other  malicious  attacks  unless  they’re  patched  and 
hardened.  We  identify  the  risks.  Page  18 


NEWS 

6  A  majority  of  Oracle  users  say  a 

lack  of  storage  capacity  has  af¬ 
fected  their  database  performance, 
according  to  a  user  group  survey. 

6  The  NSA  confirms  that  it  helped 
Microsoft  configure  Windows 
Vista  to  meet  Pentagon  security 
requirements. 

7 Aetna  is  set  to  launch  an  applica¬ 
tion  that  will  allow  its  15  million 
clients  to  access  their  health  re¬ 
cords  online  by  the  end  of  June. 

7  California  is  offering  tax  rebates 
to  encourage  wider  use  of  solar 
energy  by  companies. 

Q&A:  Teradata’s  Bob  Fair  says 
a  planned  spin-off  of  the  NCR 
data  warehousing  unit  will  let  the 
two  companies  “compete  100%”  in 
their  separate  markets. 

Global  Dispatches:  A  U.S. -based 
security  vendor  and  a  group 
of  U.S.  and  German  investors 
have  both  said  they  plan  to  submit 
buyout  bids  for  insolvent  mobile 
phone  maker  BenQ_Mobile. 

SIAC  and  Reader’s  Digest  are 

both  migrating  mainframe 
applications  to  Unix  systems.  But 
the  two  companies  are  taking 
very  different  approaches. 

The  TSA  plans  to  start  issuing 
new  smart-card  credentials  to 
more  than  750,000  port  workers 
in  March,  despite  concerns  that 
more  testing  is  needed. 

The  city  of  Atlanta  is  rolling  out 
business  intelligence  software 
to  all  city  departments  in  an  effort 
to  keep  their  records  visible  to  all 
residents  and  officials. 


TECHNOLOGY 

QuickStudy:  Graphic  File  For¬ 
mats.  Ever  wonder  what  the 
file  extensions  .bmp.  .gif,  .jpg  and 
.tif  really  mean?  This  tutorial  on 
graphic  file  formats  explains  the 
pros  and  cons  of  each. 

Security  Manager’s  Journal: 
Laying  a  New  Year’s  Course  for 
Security.  The  new  year  is  a  time 
for  a  fresh  start.  When  better  to 
decide  which  projects  will  get 
attention  in  2007?  C.J.  Kelly  has 
already  made  some  decisions, 
giving  a  thumbs  up  to  encryption 
and  a  thumbs  down  to  a  Vista 
upgrade. 

MANAGEMENT 

Swimming 
in  the  Global 
Talent  Pool.  To 

keep  up  in  the 
worldwide  IT 
competition, 
you  need  talent 
and  top-notch 
skills,  you  have 
to  be  a  creative 
self-promoter, 
and  you  must 
exude  what 
recruiters  call 
“relevance.” 


MIT  Mentor: 

Benefits- 
funded  IT.  In  IT, 

as  in  winemak¬ 
ing,  timing  is 
everything, 
says  IT  Mentor 
Frank  Modru- 
son.  He  explains 
how  the  right  project,  timed  prop¬ 
erly,  can  pay  for  itself  and  reap 
great  rewards  for  the  business. 


OPINIONS 

On  the  Mark:  Mark  Hall  passes 
along  a  warning  on  VoIP  secu¬ 
rity  problems  from  a  book  written 
by  two  security  vendor  execs. 


Don  Tennant  believes  IT  pro¬ 
fessionals  need  to  recognize 
that  they’re  swimming  in  a  global 
talent  pool  and  that  “good  enough” 
isn’t  good  enough  anymore. 

John  D.  Halamka  discusses  the 
first  law  of  project  dynamics: 
Aggravation  is  neither  created  nor 
destroyed:  it  is  simply  converted 
from  one  project  to  another. 

MMark  Willoughby  sees  Micro¬ 
soft  as  the  rare  company  that 
can  compete  with  four  different 
business  models. 

Bart  Perkins  supports  the 
postproject  review  as  a  way 
for  team  members  to  learn  con¬ 
structive  lessons. 

Frankly  Speaking:  Frank  Hayes 

says  Apple’s  iPhone  was 
developed  in  a  bubble  and  only 
now  will  get  input  from  users  —  a 
model  that  doesn’t  work  for  IT. 
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Cast  your  tech  tales  into  the  feeding  frenzy 


Now  It’s  Your  Turn 

If  you  enjoy  Shark  Tank,  you  won’t  want 
to  miss  Shark  Bait,  a  place  where  you 
can  really  vent  about  IT.  Submit  your  own 
“baits”  for  points,  and  rate  other  baits. 
Leave  comments,  build  your  profile,  or  try 
to  become  one  of  the  “big  fish.”  Get  start¬ 
ed  at  http://sharkbait.computerworld.com. 

TODAY'S  TOP  BAITS 

|  •  Apple's  mobile  phone  A  must-have  product,  or  will  it 
go  the  way  ol  the  Newton? 

1  •  The  Four  Curses  ot  the  IT  Biz 
I  •  Twisted  password  security 
1  •  How  not  to  sell  call  center  software 
1  •  Small  town  mentality 
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Register  to  Become  a  big  fish 
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Six  Cool  Gadgets  You 
Should  Give  Your  Users 

MOBILE/WIRELESS:  Some  gadgets  are  not  only 
fun  to  use,  they  also  increase  productivity. 
The  trick  is  to  figure  out  which  gizmos 
aren’t  just  toys. 

Q  www.computerworld.com/mobilewireless 

Set  Up  a  Home  Storage  Network 

STORAGE:  Storage  networks  aren’t  just  for  the 
data  center  anymore.  Shared  network  stor¬ 
age  devices  can  offer  an  easy  way  to  meet 
your  home  file-sharing  needs. 

©  www.computerworld.com/storage 
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SAP  Expects  Slowing 
Sales  Growth  in  Q4 

SAP  AG’s  stock  dropped  more 
than  1G%  last  Thursday  after 
the  business  software  vendor 
warned  of  lower-than-expected 
revenue  growth  in  its  fourth 
quarter,  which  ended  Dec.  31. 
Fourth-quarter  revenue  is  ex¬ 
pected  to  be  about  S3.82  billion, 
up  7%  from  the  year-earlier  pe¬ 
riod.  SAP  said  quarterly  software 
sales  slowed  to  4%  in  the  U.S. 
and  Japan  during  the  quarter, 
while  sales  grew  by  13%  in  Eu¬ 
rope,  the  Middle  East  and  Africa. 


Transmeta  Faces 
Intel  Countersuit 

Intel  Corp.  has  filed  a  counter¬ 
suit  against  Transmeta  Corp.  in 
an  ongoing  patent  infringement 
disagreement  between  the  two 
companies,  Transmeta  sued  Intel 
in  October,  charging  that  Intel’s 
Pentium  and  Core  PC  processors 
violate  10  Transmeta  patents. 
Intel  has  denied  the  charge  and 
now  accuses  Transmeta  of  in¬ 
fringing  seven  Intel  patents. 


Oracle  Previews 
Quarterly  Patch  Plan 

Oracle  Corp.  has  for  the  first 
time  released  details  of  an 
upcoming  release  of  security 
patches.  Oracle  last  week  pub¬ 
lished  its  Critical  Patch  Update 
Pre-Release  Announcement, 
which  provides  details  about  the 
quarterly  set  of  patches  expected 
to  he  released  tomorrow.  The 
updates  will  include  52  patches 
for  Oracle’s  database,  applica¬ 
tion  server,  Enterprise  Manager, 
identity  management  products, 
E-Business  Suite,  Developer 
Suite  and  PeopieSoft  Enterprise 
PeopleToois  products. 


Coalition  to  Unveil 
E-health  Initiative 

A  coalition  of  technology  firms, 
insurance  companies  and  physi¬ 
cian  groups  this  week  will  unveil 
an  initiative  designed  to  reduce 
medication  errors.  The  National 
E-Prescribing  Patient  Safety 
Initiative  will  give  physicians 
Web-based  access  to  free  elec¬ 
tronic  prescribing  software. 


Oracle  DB  Users  Wrestle 
With  Storage  Demand 


Capacity  shortfalls  affecting  database 
speeds  and  availability,  survey  finds 


BY  ERIC  LAI 

HE  NUMBER  of  tera- 
byte-class  Oracle 
databases  rose  rapid¬ 
ly  over  the  past  year, 
according  to  newly  released 
survey  results.  But  many  Or¬ 
acle  database  administrators 
are  having  trouble  quenching 
their  thirst  for  more  storage. 

In  the  survey,  which  was 
conducted  for  the  Independent 
Oracle  Users  Group  (IOUG)  in 
September  and  released  this 
month,  60%  of  the  366  respon¬ 
dents  said  a  lack  of  available 
storage  has  affected  the  per¬ 
formance  of  their  databases. 
Ten  percent  said  performance 
has  been  significantly  affected. 
A  total  of  46%  said  that  the 
availability  of  their  databases 
has  been  affected  by  storage 
capacity  issues.  And  43%  said 
they  have  delayed  application 
rollouts  because  of  a  lack  of 
storage  resources. 

At  Chicago  Mercantile  Ex¬ 
change  Holdings  Inc.  (CME), 
the  number  of  Buy  and  Sell 
contracts  being  processed  per 
day  has  grown  nearly  sixfold 


over  the  past  six  years,  from 
917,000  in  2000  to  nearly 
5.5  million  last  year. 

As  a  result,  the  exchange 
is  perpetually  running  out  of 
free  disk  space  for  its  Oracle 
databases,  according  to  Joel 
Kulesa,  a  storage  technology 
specialist  at  the  CME.  To  help 
free  up  space,  the  exchange 
uses  techniques  such  as  hier¬ 
archical  storage  management, 
data  classification  and  ar¬ 
chiving,  Kulesa  said  via  e-mail. 

Performance  Anxiety 

The  CME  faces  an  even  big¬ 
ger  problem,  though:  The 
performance  of  disk  drives 
isn’t  increasing  fast  enough  to 
meet  its  processing  require¬ 
ments,  Kulesa  said.  “Balancing 
growing  capacity  needs  with 
increasing  performance  de¬ 
mands  has  been  the  real  chal¬ 
lenge  we’re  facing,”  he  added. 

The  IOUG’s  survey,  which 
was  conducted  by  Chatham, 
N.J.-based  Unisphere  Research 
with  funding  from  Symantec 
Corp.,  found  that  31%  of  the 
respondents  now  manage  data¬ 


bases  larger  than  1TB.  That 
was  up  from  13%  in  a  similar 
survey  released  early  last  year. 

Respondents  reported  that 
the  top  contributors  to  their 
growing  storage  needs  were 
increased  transaction  data, 
information  generated  by 
new  devices  and  systems,  and 
regulatory  requirements.  The 
growth  was  also  fueled  by  in¬ 
creasing  amounts  of  unstruc¬ 
tured  data,  such  as  graphics, 
video  and  e-mail  files. 

“Storage  is  growing  much 
faster  than  the  revenues  and 
profits  of  companies,”  said  Ari 
Kaplan,  the  Chicago-based 
IOUG’s  president  and  a  senior 
consultant  at  Datalink  Corp.,  a 
storage  architecture  services 
firm  in  Chanhassen,  Minn. 

According  to  the  survey, 
some  Oracle  users  are  seeing 
such  rapid  data  growth  that 
when  budgeting  for  storage 
needs,  they  often  make  their 
best  guesses  and  then  tack  on 
10%  to  25%  as  a  safety  margin. 

Kaplan  said  the  situation  is 
making  some  database  admin¬ 
istrators  nervous  enough  that 
they’re  trying  to  become  more 
involved  in  storage  manage¬ 
ment  decisions  traditionally 
handled  by  other  IT  team 


Capacity  Crunch 


Has  your  database  growth 
ever  exceeded  available 
storage  resources? 


Yes,  often:  6% 


Don’t  know  or  unsure:  5% 


BASE:  366  members  of  the 
International  Oracle  Users  Group, 
surveyed  last  September.  Total 
does  not  add  up  to  100  because 
of  rounding. 


members.  That  is  causing  con¬ 
flicts,  he  noted. 

“I’ve  seen  cases  of  frustra¬ 
tion  and  concern  and  politick¬ 
ing  over  storage,”  Kaplan  said. 
“The  larger  the  company,  the 
larger  the  challenge  of  who 
owns  and  runs  what.” 

Kulesa,  though,  minimized 
the  potential  for  any  conflicts 
between  the  storage  and  data¬ 
base  staffs  at  the  CME.  “We 
work  very  closely  with  our 
DBA  team  on  all  storage  de¬ 
sign  and  provisioning,”  he  said, 
adding  that  high-performance, 
customer-facing  databases 
account  for  a  majority  of  the 
capacity  on  the  exchange’s 
storage-area  network. » 


NSA  Helped  Microsoft  Set  Security  for  Vista 


Spy  agency,  vendor 
teamed  to  sync 
OS  with  standards 

BY  ROBERT  McMILLAN 

Microsoft  Corp.  and  the 
National  Security  Agency 
confirmed  last  week  that  the 
intelligence  agency  helped  the 
company  configure  Windows 
Vista  so  it  meets  the  Penta¬ 
gon’s  security  requirements. 

NSA  spokesman  Ken  White 
said  the  agency  has  provided 
guidance  on  securing  Win¬ 
dows  XP  and  Windows  2000 
in  the  past.  But  this  is  the  first 
time  the  NSA  has  worked  with 
Microsoft  or  any  vendor  prior 


to  an  operating  system’s  re¬ 
lease,  White  added. 

By  getting  involved  early  in 
the  process,  the  NSA  ensured 
that  there  would  be  a  version  of 
Vista  that  is  secure  enough  for 
the  U.S.  Department  of  Defense 
and  compatible  with  federal 
software,  he  said.  Now  the  NSA 
can  guarantee  that  Vista’s  off- 
the-shelf  security  configuration 
“is  at  a  level  that  meets  our 
standards,”  White  said. 

Microsoft  declined  to  make 
any  executives  available  to 
comment  about  the  NSA’s  help. 
In  a  statement,  the  company 
said  that  it  had  asked  a  number 
of  government  entities  to 
review  Vista,  including  the 


NSA,  the  National  Institute 
of  Standards  and  Technology 
and  NATO. 

Alarm  Raised 

Still,  the  NSA’s  involvement 
raised  red  flags  for  some  pri¬ 
vacy  advocates.  “Some  bells 
are  going  to  go  off  when  the 
government’s  spy  agency 
is  working  with  the  private 
sector’s  top  developer  of  oper¬ 
ating  systems,”  said  Marc  Ro- 
tenberg,  executive  director  of 
the  Electronic  Privacy  Infor¬ 
mation  Center  in  Washington. 

Rotenberg  and  other  privacy 
advocates  said  it  would  be 
tempting  for  the  NSA  to  push 
for  a  way  to  gain  access  to  data 


stored  on  Vista-based  systems. 

But  White  said  the  NSA 
didn’t  open  any  back  doors 
into  the  new  operating  system. 
“This  is  not  the  development 
of  code  here,”  he  said.  “This  is 
assisting  in  the  development 
of  a  security  configuration.” 

The  work  with  Microsoft 
was  done  in  accordance  with 
the  NSA’s  mandate  to  protect 
the  nation’s  information  sys¬ 
tems,  White  said.  “This  is  the 
other  half  of  the  NSA  mission 
that  you  never  hear  much 
about,”  he  said.  “All  you  ever 
hear  about  is  foreign  signal 
intelligence.  The  other  half  is 
information  assurance.” » 


McMillan  writes  for  the  IDG 
News  Service. 


SOURCE:  FORRESTER  RESEARCH  INC..  JUNE  2006 
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Aetna  Clients  to  Get  Access  to  Online  Health  Data 


Insurer  will  offer  links  to  15M  users 


BY  HEATHER  HAVENSTEIN 

Aetna  Inc.  is  weeks  away  from 
launching  an  application  that 
will  provide  its  15  million  cus¬ 
tomers  with  online  access  to 
their  health  care  information. 
The  launch  will  culminate  a 
two-year  internal  development 
effort  by  the  Hartford,  Conn.- 
based  insurer. 

Access  to  the  online  Aetna 
CareEngine-powered  Personal 
Health  Record  (PHR)  software 
will  be  available  to  1  million 
clients  by  the  end  of  March 
and  to  the  remaining  14  mil¬ 
lion  customers  during  the 
second  quarter,  Aetna  officials 
said. 

The  system  lets  Aetna  cli¬ 
ents  access  health  data  com¬ 
piled  from  insurance  claims 
and  other  external  sources, 
and  it  allows  the  customers  to 
update  their  own  records  with 
data  such  as  blood  pressure 
readings  taken  at  home. 

An  analytic  engine  devel¬ 
oped  by  New  York-based 
Aetna  subsidiary  ActiveHealth 
Management  Inc.  will  analyze 
the  PHRs  daily  and  notify  pa¬ 
tients  if  their  care  falls  out  of 
line  with  commonly  accepted 
best  practices,  said  Robert 
Heyl,  architect  manager  of 
Aetna’s  E-Health  business  unit. 

For  example,  Heyl  said,  the 
CareEngine  software  can  de¬ 
termine  whether  a  physician 
has  prescribed  medication  that 


could  have  an  adverse  reaction 
with  medicine  prescribed  by 
another  doctor.  The  system 
can  notify  affected  clients  of 
such  potential  problems  by 
telephone  and  e-mail. 

Insurance  providers  and 
employers  are  adopting  elec¬ 
tronic  health  records  in  an 
effort  to  reduce  duplicate  test¬ 
ing,  medical  errors  and  other 
problems.  The  records  allow 
consumers  to  share  compre¬ 
hensive  data  with  health  care 
providers  rather  than  depend 
on  fragmented  data  main¬ 
tained  by  multiple  physicians 
and  hospitals. 

Standards  Support 

Aetna  was  among  more  than 
1,000  insurance  companies, 
with  a  total  of  200  million 
customers,  that  last  month  an¬ 
nounced  support  for  standards 
for  creating  and  managing 
electronic  health  records. 

The  Aetna  claims  data  will 
be  fed  to  the  CareEngine  ana¬ 
lytic  software  through  Web 
services  messages,  Heyl  said. 
The  ActiveHealth  engine  will 
compare  that  data  to  a  large 
set  of  rules  developed  by  phy¬ 
sicians  for  30  different  medical 
conditions,  he  added. 

“[The  CareEngine]  will 
look  at  individual  records  for 
evidence  across  multiple  data 
points  to  allow  it  to  create  a 
statistically  valid  conclusion,” 


Medical  Monitoring 


Twenty-eight  percent  of  U.S.  households  formally  track 
health  and  medical  information,  primarily  using  paper-based  methods. 

U.S.  households  keeping  any 
form  of  personal  health  record 


All  U.S.  households 

28%  formally  track  health  and 
medical  information  • 


72%  do  not  formally 
track  health  and 
medical  information  yf 


■  5%  use  a 
PC  program 
(e.g.,  Word 
or  Excel) 


1%  use  a 
specialized  or 
Web-based 
program 


BASE:  9,401  U.S.  households 


Heyl  said.  “Whatever  conclu¬ 
sions  are  made,  whatever  your 
health  status  is,  [it]  gets  sum¬ 
marized  into  a  PHR.” 

Customers  will  access  the 
online  records  by  using  an 
Aetna-built  Microsoft  .Net- 
based  application  that  uses 
Web  services  to  transmit  in¬ 
formation  between  the  online 
interface  and  ActiveHealth’s 
databases,  Heyl  said. 

The  PHR  data  will  be  stored 
on  a  Microsoft  SQL  Server 
database,  and  ActiveHealth 
is  using  an  Oracle  Corp.  data¬ 
base  to  add  advanced  analytics 
capabilities,  he  said. 

The  application  also  includes 
a  link  to  some  of  Aetna’s  inter¬ 


nal  ]ava  applications,  such  as 
call  center  and  disease  man¬ 
agement  software,  that  use 
IBM’s  WebSphere  middleware. 

“We’ve  placed  an  intermedi¬ 
ary  between  the  Java  and  .Net 
interactions  that  works  on 
XML  to  make  sure  . . .  we  re¬ 
move  any  kind  of  .Net-skewed 
XML  data  types  or  Java- 
skewed  data  types,”  Heyl  said. 

Aetna  considered  using  an 
enterprise  service  bus  to  pro¬ 
vide  interoperability  between 
the  .Net  and  Java  software  but 
instead  opted  to  write  custom 
code  because  of  concerns  that 
an  ESB  might  not  provide  the 
needed  scalability,  he  said. 

The  biggest  challenge  was 


‘Green’  Technology  Takes 
Root  in  Some  Data  Centers 


California  offers 
rebates  on  solar 
energy  costs 

BY  PATRICK  THIBODEAU 

Phil  Nail  is  ahead  of  most 
IT  managers  in  adopting  so- 
called  green  technologies.  His 
company,  a  Web  hosting  firm 
known  as  AISO.Net,  uses  solar 
panels  that  generate  12  kilo¬ 
watts  of  electricity  to  power 
its  data  center  and  main  office. 

Nail  now  hopes  to  improve 
the  facility’s  energy  efficiency 
by  putting  a  layer  of  dirt  on 
the  roof  and  planting  drought- 
resistant,  bush-type  plants. 

He  said  it  will  cost  AISO.Net, 
formally  named  Affordable 
Internet  Services  Online  Inc., 
about  $30,000  to  cover  its 
2,000-square-foot  roof  with 
three  to  four  inches  of  dirt  and 
the  plants. 

But  Nail,  technology  man¬ 
ager  at  Romoland,  Calif.-based 
AISO.Net,  thinks  the  “green” 
roof  will  cut  cooling  needs  by 
half  in  the  data  center,  which 
houses  about  300  servers.  For 
those  who  need  to  be  con¬ 
vinced  of  dirt’s  effectiveness, 
Nail’s  advice  is  to  stick  their 
hands  in  some  of  the  stuff.  “It’s 
cool  down  there,”  he  said. 

AISO.Net  markets  itself  as 


an  environmentally  friendly 
company.  Its  home  page  lists 
the  current  server  room  tem¬ 
perature  as  well  as  how  much 
carbon,  nitrous  and  sulfur 
dioxides  are  eliminated  by  its 
solar  power  system  each  year. 

California’s  government 
wants  to  see  many  more  com¬ 
panies  adopt  solar  power.  This 
month,  the  state  began  offer¬ 
ing  a  $2.50-per-watt  tax  rebate 
for  solar  energy  systems  that 
can  generate  up  to  1  megawatt 
of  power.  It  has  budgeted  a 
total  of  $2.9  billion  for  incen¬ 
tives  over  10  years. 

A  ‘Tough  Sell’ 

Globally,  annual  sales  of  solar 
equipment  for  both  homes 
and  businesses  total  about 
$15  billion,  according  to  mar¬ 
ket  research  firm  IDC.  But  it 
estimates  that  spending  in  the 
U.S.  accounts  for  only  about 
10%  of  the  overall  market. 

“For  most  companies,  to 
invest  in  what  is  perceived 
as  novel  energy  technologies 
is  a  tough  sell,”  said  Nicho¬ 
las  Lenssen,  an  IDC  analyst. 
“Most  companies  want  a  two- 
to-three-year  payback.  By  and 
large,  there  isn’t  a  whole  lot  of 
interest  in  on-site  generation.” 

The  costs  of  solar  equip¬ 
ment  are  often  high,  making 


January  15, 2007  COMPUTERWORLD  1 


to  find  a  way  to  manage  and 
authenticate  patient  identities, 
Heyl  said.  The  insurer  is  using 
the  OASIS  WS-Security  stan¬ 
dards  that  are  related  to  feder¬ 
ated  identity  management.  It’s 
also  using  IBM’s  Tivoli  access 
management  software  and  Mi¬ 
crosoft  Corp.’s  Active  Direc¬ 
tory  for  identity  management. 

Liz  Boehm,  an  analyst  at 
Forrester  Research  Inc.,  said 
that  while  other  insurance 
companies  have  offered  PHRs 
regionally,  Aetna  may  be  one 
of  the  first  to  offer  them  na¬ 
tionally.  The  company,  she 
noted,  likely  will  have  to  offer 
incentives,  such  as  discounts 
on  premiums,  to  foster  adop¬ 
tion  of  the  online  system  to 
help  overcome  patient  fears 
about  security  and  privacy. » 


government  incentives  critical. 
For  instance,  a  500-kilowatt 
system  would  amount  to  about 
$3.5  million,  based  on  an  es¬ 
timated  cost  of  $7  per  watt  to 
buy  and  install  the  equipment, 
said  Rhone  Resch,  president 
of  the  Solar  Energy  Industries 
Association  in  Washington. 

California’s  rebate  could  cut 
that  cost  by  about  $1.5  million, 
and  federal  tax  credits  would 
reduce  it  by  another  $1  million 
or  so,  according  to  Resch. 

Any  return  on  investment 
depends  on  how  much  a  com¬ 
pany  is  paying  for  electricity 
now.  Resch  said  a  six-to-eight- 
year  payback  wouldn’t  be  un¬ 
usual  for  a  large  user. 

Last  fall,  Sea  Gull  Lighting 
Products  LLC  in  Riverside,  N.J., 
began  using  a  500-kilowatt 
solar  energy  system  that 
provides  20%  of  the  power 
needs  for  a  500,000-square- 
foot  warehouse  from  Monday 
through  Friday.  On  weekends, 
the  solar  panels  can  provide 
all  of  the  power  needed,  said 
Alan  Hirsch,  Sea  Gull’s  execu¬ 
tive  vice  president. 

The  panels  take  up  about 
60,000  square  feet  on  the 
warehouse’s  roof,  he  said. 
SunEdison  LLC,  a  solar  ser¬ 
vices  company  in  Baltimore, 
installed  and  owns  the  system. 
But  Sea  Gull  pays  a  lower  rate 
for  the  power  it  uses  than  it 
would  be  charged  by  a  local 
electric  utility,  Hirsch  said. » 
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Investigator  Pleads 
Guilty  in  HP  Case 

Private  investigator  Bryan 
Wagner  pleaded  guilty  in  federal 
court  in  San  Jose  late  Friday  to 
two  charges  in  connection  with 
work  he  did  for  Hewlett-Packard 
Co.  to  help  find  the  source  of 
HP  board  leaks  in  2005  and 
2006.  Wagner  pleaded  guilty 
to  one  count  of  conspiracy 
and  one  count  of  aggravated 
identity  theft  and  also  agreed  to 
cooperate  with  federal  officials 
investigating  the  spying  scandal. 
Sentencing  was  set  for  June  20. 


Kagermann  Set  to 
Stay  On  as  SAP  CEO 

Henning  Kagermann  is  expected 
to  renew  his  contract  as  CEO  of 
SAP  AG  for  a  year  after  the  cur¬ 
rent  pact  expires  in  December 
2007,  according  to  a  source. 

“if  the  supervisory  board  asks 
Kagermann  to  continue,  he  will,” 
the  source  said.  The  company 
has  no  maximum  age  limit  for 
its  executives,  but  those  who 
are  60  and  older  have  to  negoti¬ 
ate  one-year  contracts  with  the 
company’s  supervisory  board 
annually.  Kagermann  turns  60 
in  July. 
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Microsoft  in  Talks 
With  Liberty  Alliance 

The  Liberty  Alliance  and  Micro¬ 
soft  Corp.  are  engaged  in  talks 
to  reconcile  their  competing 
sets  of  protocols  for  secure  Web 
transactions.  The  Liberty  Alli¬ 
ance,  whose  members  include 
HP,  IBM  and  Sun  Microsystems 
inc.,  backs  the  ID-Web  Services 
Framework  while  Microsoft  sup¬ 
ports  the  WS-Star  protocols. 

S un  Unveils  Blade, 
Upgrade  Service 

Sun  unveiled  a  new  blade  server, 
along  with  a  subscription  ser¬ 
vice  for  automatic  hardware 
upgrades.  The  new  Sun  Blade 
X8420,  priced  from  $13,095,  is 
powered  by  dual-core  2.8-GHz 
AMD  Opteron  8000  chips.  The 
Sun  Refresh  subscription  service 
will  let  customers  in  the  U.S.  up¬ 
date  blades  within  two  months  of 
new  servers  becoming  available. 
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HOT  TECHNOLOGY  TRENDS,  NEW  PRODUCT 
NEWS  AND  INDUSTRY  BUZZ  BY  MARK  HALL 


VoIP  Soon  to  Be 
A  Target  for . . . 

. . .  hackers,  and  it  won’t  be  difficult  to  hit.  In  Hacking  Ex¬ 
posed  VoIP,  which  hit  bookshelves  last  month,  authors 
David  Endler  and  Mark  Collier  argue  that  voice-over- 
IP  technology  “is  about  to  hit  critical  mass”  and  will 
become  a  favorite  security  hole  for  hackers  to  slip 


through  to  disrupt  IT 
operations.  Endler  and 
Collier  hope  their  book 
can  show  not  just  how 
to  crack  a  VoIP  net¬ 
work  —  which  it  will 
—  but  also  how  to  lock 
one  down.  Accord¬ 
ing  to  Endler,  who  is 
director  of  security  at  3Com 
Corp.’s  TippingPoint  divi¬ 
sion  in  Austin,  hackers  have 
begun  to  use  VoIP  in  phishing 
exploits  that  emulate  the  in¬ 
teractive  voice  response  sys¬ 
tems  of  legitimate  companies. 
“The  rate  of  vulnerabilities 
will  increase,”  says  Collier, 
chief  technology  officer  at 
SecureLogix  Corp.  in  San  An¬ 
tonio.  Distributed  denial-of- 
service  attacks  are  likely  and 
could  be  devastating  to  VoIP 
systems.  Collier  says,  noting 
that  even  a  modest  DDoS 
attack  could  make  it  all  but 
impossible  to  make  VoIP  calls 
because  of  quality-of-service 
issues.  Then  there’s  the  prob¬ 
lem  of  privacy.  “It’s  extremely 
easy  to  listen  in  on  a  call,” 


Endler  says.  It  isn’t  that 
much  harder  to  inject 
noise  or  even  spam 
into  VoIP  communica¬ 
tions.  And  speaking  of 
unwanted  messages, 
spam  over  Internet  te¬ 
lephony,  or  “spit,” 
is  another  looming 
problem.  As  Collier  observes, 
“There’s  nothing  today  to  pre¬ 
vent  you  from  getting  as 
much  voice  spam  as  e-mail 
spam.”  Endler  says  it’s  pos¬ 
sible  to  deploy  a  secure  VoIP 
system,  but  it’s  tough  to  do  it 
right.  So  if  you’re  engaged  in  a 
VoIP  rollout  or  are  thinking 
about  one,  read  their  book.  If 
you’re  not,  maybe  you  should 
consider  yourself  lucky. 

Stop  Web  surfers 
from  hurting . . . 

. . .  themselves  and  your  company. 

It’s  wise,  of  course,  to  stop 
internal  users  from  visiting 
recognized  porn  or  gambling 
sites  from  your  company’s 
PCs.  But  what  about  legiti¬ 
mate  sites  that  harbor  hidden 


2006 

Year  VoIP 
made  SANS 
Institute’s 
top  20  list  of 
security 
problems. 


malware?  It’s  a  growing  trend. 
For  example,  according  to 
IDC  Denmark,  companies  in 
that  country  were  afflicted 
for  the  first  time  last  year 
with  more  malware  origi¬ 
nating  from  Web  sites  than 
from  e-mail.  You  could  put 
a  filtering  appliance  on  your 
network  that  checks  for  evil 
exploits  buried  in  Web  pages, 
but  you’d  likely  encounter 
end-user  complaints  about 
latency  when  the  appliance 
got  hammered  under  heavy 
loads,  says  Dan  Nadir,  vice 
president  of  product  strategy 
at  ScanSafe  Services  LLC 
in  San  Mateo, 

Calif.  Nadir 
argues  that 
only  a  managed 
service,  such 
as  the  one  his 
company  of¬ 
fers,  can  handle 
peak-demand 
periods.  ScanSafe  has  a  dedi¬ 
cated  server  farm  analyzing 
everything  on  Web  pages  be¬ 
fore  browsers  hit  them.  Nadir 
says  the  company  analyzes 
billions  of  pages  every  month. 
This  year,  he  expects  more 
e-mail  filtering  services,  such 
as  Postini  Inc.’s,  to  offer  Web 
filtering  capabilities. 

Don’t  let  your 
database  dictate . . . 

...  the  availability  of  your  Web 
content  management  system. 

Cascade  Server,  an  online 
content  management  system 
offered  by  Atlanta-based 
Hannon  Hill  Corp.,  has 
many  of  the  same  bells  and 
whistles  that  other  CMS  tools 
do.  Its  role-based  access  lets 
end  users  edit  only  mate¬ 
rial  they’re  authorized  to.  Its 
workflow  processes  can  le¬ 
verage  e-mail,  RSS  and  other 
notification  methods.  And 
it  can  check  whether  your 
Web  pages  meet  the  needs  of 
handicapped  users.  But  David 
Cummings,  Hannon  Hill’s 
CEO,  thinks  Cascade  Server’s 
focus  on  “aggregating  content 
in  a  vendor-neutral  format”  is 
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Number  of 
Web  pages 
ScanSafe 
reviews  for 
malware  per 
month. 


what  really  ought  to  intrigue 
you.  The  software  achieves 
vendor  independence  and 
ensures  high 
availability 
by  attaching 
database  rec¬ 
ords  associ¬ 
ated  with  each 
Web  page  to 
the  page  itself. 

If  your  data¬ 
base  crashes, 

Cascade  still 
tracks  edits, 
additions, 
deletions  and  other  changes 
within  the  file  itself  and  can 
be  synchronized  with  your 
database  later.  Pricing  starts 
at  $40,000  per  processor.  On 
March  1,  Hannon  Hill  plans  to 
ship  Cascade  5.0,  which  will 
include  improved  site  analyt¬ 
ics  as  well  as  integration  with 
applications  from  vendors 
like  Salesforce.com. 

Gall,  don’t  write, 
when  you  need . . . 

. . .  technical  support.  John 

Ragsdale,  vice  president  of 
research  at  the  Service  & 
Support  Professionals  Asso¬ 
ciation,  regularly  polls  SSPA 
members  about  IT  support 
trends.  One  he  recently  found 
interesting  is  that  many  ven¬ 
dors  say  they  aren’t  invest¬ 
ing  in  e-mail 
response 
tools,  despite 
an  increased 
volume  of 
e-mail  to 
their  support 
desks.  Rags¬ 
dale  thinks  IT 
staffers  are 
using  the 
phone  on  mat¬ 
ters  of  some 
urgency  and  relegating  the 
use  of  e-mail  to  “noncritical 
issues.”  Of  course,  phone  calls 
are  more  expensive  to  handle, 
which  in  turn  fuels  increases 
in  service  and  support  costs. 
So  even  if  you  have  an  800 
number  to  dial,  it  could  be  a 
toll  call  in  the  end. » 


Keep  your 
content  going 
even  when  youi 
DB  is  down, 

CUMMINGS 

says. 
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Microsoft  issues  50% 
Of  Expected  Patches 

Microsoft  Corp.  has  released 
four  sets  of  patches,  including 
three  for  critical  vulnerabilities 
in  its  Office,  Outlook  and  Win¬ 
dows  software.  The  company’s 
monthly  update  for  January  was 
expected  to  include  eight  sets  of 
patches,  but  four  were  abruptly 
pulled  out  of  the  pipeline.  No  rea¬ 
son  was  given  for  the  decision. 


Brocade  Acquires 
Silverback  Systems 

Brocade  Communications 
Systems  Inc.  has  acquired  Silver- 
back  Systems  Inc.,  a  maker  of 
network  acceleration  processor 
technology,  for  an  undisclosed 
sum.  The  acquisition  is  Brocade’s 
third  in  the  past  10  months.  The 
company  bought  NuView  Inc.  for 
an  undisclosed  price  and  an¬ 
nounced  plans  in  August  to  buy 
McData  Corp.  for  S713  million. 
The  McData  deal  is  still  pending. 


Juniper  Appoints 
Eiop  to  COO  Post 

Juniper  Networks  Inc.  named 
Stephen  Elop  to  the  new  post 
of  chief  operating  officer.  Elop 
reports  to  Chairman  and  CEO 
Scott  Kriens  and  will  oversee 
Juniper’s  enterprise  and  service 
provider  businesses,  as  well  as 
its  corporate  development,  glob¬ 
al  sales  and  service,  marketing 
and  IT  organizations.  Kriens  will 
retain  responsibility  for  strategy, 
communication  and  talent  de¬ 
velopment.  Elop  was  previously 
president  of  worldwide  field  op¬ 
erations  at  Adobe  Systems  Inc. 


Grade  Updates  Free 

SQL  Developer  Tods 

Oracle  Corp.  has  released  the 
first  major  upgrade  to  SQL  De¬ 
veloper.  its  free  visual  database 
development  tool.  The  new  ver¬ 
sion  can  browse  non-Oracle  da¬ 
tabases,  including  Microsoft  SQL 
Server  and  Access  and  MySQL 
AB’s  open-source  MySQL.  The 
SQL  Developer  1.1  tool  simpli¬ 
fies  the  creation  and  debugging 
of  code  in  standard  SQL  and  in 
Oracle’s  proprietary  PL/SQL 
programming  languages. 


Teradata  Exec  SaysTiming 
Is  Right  for  Split  From  NCR 


Spin-off  will  let  the  two  vendors  focus 
on  their  ‘distinct  markets,’  says  VP 


BY  HEATHER  HAVENSTEIN 

NCR  Corp.  last  week  an¬ 
nounced  plans  to  spin  off  its 
Teradata  data  warehousing 
subsidiary  as  an  independent 
company.  Bob  Fair,  vice 
president  of  business 
strategy  and  chief  mar¬ 
keting  officer  at  Dayton, 
Ohio-based  Teradata, 
spoke  with  Computer- 
world  about  the  factors 
behind  the  decision.  Fair 
also  discussed  what  the 
spin  -off  means  for  Tera¬ 
data  in  a  market  that 
is  becoming  increasingly  com¬ 
petitive  as  Hewlett-Packard 
Co.,  IBM,  Microsoft  Corp.  and 
Oracle  Corp.  all  step  up  their 
efforts  to  grab  data  warehous¬ 
ing  users. 

What  was  behind  the  decision 
to  separate  Teradata  from  NCR, 
and  what  effect  can  Teradata 
users  expect  to  see  on  things 
such  as  new  product  releases 
and  customer  support?  The  two 
companies  have  very  dif¬ 
ferent  business  models.  The 
question  isn’t  really  why  the 
split;  it  is  really  a  question  of 
timing.  Teradata  over  the  past 
four  or  five  years  has  really 
established  itself  as  a  leader  in 
the  enterprise  data  warehous¬ 
ing  space.  The  rest  of  the  NCR 
organization  has  improved  its 
operational  performance. 

You  end  up  with  two  differ¬ 
ent  companies  competing  in 
two  different  segments  that 
are  both  now  very  strong  fi¬ 
nancially.  It  makes  sense  to  let 
us  both  go  and  compete  100% 
in  our  distinct  markets. 

Customers  shouldn’t  ex¬ 
pect  to  see  any  changes  at  all 
or  any  negative  changes.  We 
expect  zero  disruption.  We’ll 
be  even  stronger  and  more 
nimble  when  this  separation  is 
finished. 
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Do  you  need  to  be  more  nimble  to 
fend  off  increasing  competition 
in  the  data  warehousing  business 
from  companies  like  Microsoft 
and  Oracle?  We’re  the  biggest 
organization  that  fo¬ 
cuses  exclusively  on 
enterprise  data  ware¬ 
housing.  [By  spinning 
off  from  NCR]  we  end 
up  with  every  single 
management  cycle 
in  the  organization 
focused  on  becoming 
more  agile  and  nimble. 
[But]  this  is  not  a  situa¬ 
tion  where  we  are  being  forced 
into  this  due  to  competitive 
pressures. 

Will  this  move  better  position 


the  company  to  compete  with 
HP,  which  under  former  NCR 
CEO  Mark  Hurd  has  been  quietly 
ramping  up  its  plans  to  enter  the 
data  warehousing  market?  It  is 
no  surprise  at  all  that  HP  is 
trying  to  enter  the  market.  We 
take  every  competitor  very  se¬ 
riously.  We  obviously  respect 
HP  as  an  organization  and  pay 
a  tremendous  amount  of  at¬ 
tention  to  what  we  learn  about 
what  they’re  doing. 

HP  publicly  endorses  that 
enterprise  data  warehous¬ 
ing  is  the  best  way  to  deliver 
enterprise  analytics.  [But]  it 
takes  a  tremendous  amount 
to  go  deliver  enterprise  data 
warehousing.  They  are  going 
to  have  a  challenge  [trying] 
to  do  that.  They  will  probably 
be  more  of  a  competitor  in  the 
data  mart  space  than  they  will 
be  to  us. 


You’ve  said  that  Teradata  has 
seen  an  increased  interest  in  en¬ 
terprise  data  warehousing.  What 
is  driving  that,  and  how  are  the 
drivers  different  than  they  were 
three  to  five  years  ago?  Custom¬ 
ers  have  ended  up  creating  a 
lot  of  data,  and  they  still  can’t 
get  simple  answers  to  ques¬ 
tions  like,  “How  much  does 
Vendor  A  spend  with  me?” 

When  the  executives  ask 
the  questions  and  can’t  get  the 
answers,  they  get  the  expla¬ 
nation  that  the  company  has 
standard  processes  and  data, 
but  several  instances  of  these 
things  [instead  of  a  single  data 
warehouse]. 

There  is  a  recognition  that  I 
have  to  have  better  analytics 
to  compete,  and  if  I  don’t  put 
all  my  data  in  one  place,  I  can’t 
get  a  quick,  nimble  and  agile 
[analysis]  capability. » 


NCR’s  Data  Warehousing 
Spin-off  a  Long  Time  Coming 


BY  JEREMY  KIRK 

NCR  and  its  Teradata  data  ware¬ 
housing  division  will  separate  into 
two  publicly  traded  companies  in  an 
effort  to  better  focus  their  respec¬ 
tive  business  strategies,  NCR  said 
last  week. 

Teradata,  which  makes  high-end 
data  warehousing  software,  and 
NCR  have  disparate  business 
models  and  target  different  markets, 
said  Bill  Nuti,  NCR’s  president  and 
CEO,  in  a  statement.  NCR’s  major 
businesses  include  ATMs  and  retail 
point-of-sale  technologies. 

Teradata  and  NCR  had  effectively 
been  running  as  two  stand-alone 
businesses  for  several  years, 

Nuti  said. 

NCR  had  deliberated  for  some 
time  over  whether  to  spin  off  Tera¬ 
data,  but  “we  didn't  feel  Teradata 
was  sound  enough,  really,”  said 
NCR  Chairman  James  Ringler. 

"Only  a  few  years  ago,  it  wasn’t  mak¬ 
ing  money.” 


In  2005,  Teradata  had  revenue  of 
$1.5  billion  and  an  operating  income 
of  $309  million,  excluding  pension 
expenses,  NCR  said. 

Dan  Vesset,  an  analyst  at  IDC, 
said  that  because  NCR  and  Teradata 
have  been  operating  like  separate 
companies  for  several  years,  there 
should  be  no  immediate  impact  on 
end  users  in  terms  of  changes  to 
product  offerings  or  service  levels. 

“Long  term,  it  is  positive  in  that  it 
frees  up  Teradata  to  be  a  more  nim¬ 
ble  company  to  react  to  challenges,” 
he  said.  “There  is  an  opportunity  for 
Teradata  to  grow  faster  if  they  are 
not  part  of  a  larger,  slow-moving 
company.” 

Once  it  officially  separates  from 
NCR,  Teradata  will  boost  its  invest¬ 
ment  in  consulting  services  and 
applications  and  work  to  expand  its 
list  of  partners,  Nuti  said. 

Meanwhile,  NCR  plans  to  expand 
the  markets  for  its  self-service  de¬ 
vices,  which  Nuti  said  are  becoming 


more  widely  adopted  in  the  health 
care,  public  sector,  travel  and  gam¬ 
ing  industries. 

In  the  future,  NCR  will  focus  on 
acquiring  smaller  companies  in  the 
self-service  area,  Nuti  said.  “We 
think  it’s  important  to  build  out  from 
an  innovation  standpoint,  a  self- 
service  platform,”  he  added. 

The  division  of  the  two  compa¬ 
nies  is  expected  to  be  completed  in 
six  to  nine  months.  Nuti  will  head 
NCR,  while  Mike  Koehler,  Teradata’s 
current  senior  vice  president,  will 
become  president  and  CEO  of 
Teradata. 

NCR’s  board  of  directors  must 
still  approve  the  move.  Under  the 
plan,  holders  of  NCR  common  stock 
will  receive  Teradata  stock,  although 
the  distribution  ratio  has  not  yet 
been  determined,  NCR  said.  The 
Internal  Revenue  Service  must  ap¬ 
prove  the  transfer,  which  should  be 
tax-free  for  NCR  shareholders,  the 
vendor  said. 


Kirk  is  a  reporter  with  the  IDG  News 
Service.  Heather  Havenstein  contrib¬ 
uted  to  this  story. 
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Two  Suitors  Consider 
Bids  to  Buy  BenQ  Mobile 

MUNICH 

TWO  SUITORS  with  U.S.  connec¬ 
tions  said  last  week  they  plan  to 
submit  bids  for  insolvent  mobile 
phone  maker  BenQMobile  GmbH. 

A  buyer  will  be  chosen  for  the 
Munich-based  company  by  Martin 
Prager,  its  insolvency  administra¬ 
tor.  BenQMobile  filed  for  bankruptcy 
protection  last  September  after  BenQ. 
Corp.,  its  Taiwan-based  parent  com¬ 
pany,  decided  to  stop  investing  in  the 
money-losing  operation.  The  mobile 
unit  failed  to  find  a  buyer  on  its  own  by 
a  Dec.  31  deadline. 

An  investment  group  that  includes 
IT  and  telecommunications  executives 
from  the  U.S.  and  Germany  discussed 
its  buyout  plan  with  officials  from  the 
German  states  of  Bavaria  and  North 
Rhine-Westphalia  last  Monday.  The 
group  is  seeking  state-backed  lines 
of  credit  totaling  about  €100  million 
($129  million  U.S.)  and  is  asking  that 
800  BenQMobile  employees  who  have 
been  shifted  to  a  temporary  organiza¬ 
tion  continue  to  be  paid  by  the  German 
government  and  former  owner  Sie¬ 
mens  AG  for  six  months  after  a  sale. 

The  second  interested  buyer,  Cleve¬ 
land-based  Sentex  Sensing  Technolo¬ 
gies  Inc.,  told  the  German  state  officials 
in  a  meeting  on  Tuesday  that  it  hopes 
to  hire  up  to  1,700  of  BenQMobile’s 
former  workers  and  said  it  would  pay 
the  employees  itself.  But  Sentex,  a  mak¬ 
er  of  biometric  and  security  products, 
has  yet  to  reveal  its  financing  plans. 

The  government  in  North  Rhine- 
Westphalia  said  it  is  seeking  “a  sus¬ 
tainable  solution”  for  BenQMobile 
production  facilities  in  the  cities  of 
Kamp-Lintfort  and  Bocholt.  Likewise, 
the  Bavarian  government  hopes  to  res¬ 
cue  the  company’s  plant  in  Munich, 
a  JOHN  BLAU,  IDG  NEWS  SERVICE 


U.S.  Official  Chides 
China  Over  3G  Plans 


LAS  VEGAS 

THE  HEAD  of  the  U.S.  Department 
of  Commerce  last  week  criticized 
China  for  a  lack  of  urgency  about 
creating  a  third-generation  wireless 
network,  citing  the  delay  as  an  example 
of  how  global  technology  innovation 
can  be  thwarted. 

Speaking  at  the  2007  International 


An  International 
IT  News  Digest 


Consumer  Electronics  Show,  Com¬ 
merce  Secretary  Carlos  M.  Gutierrez 
said  support  for  common  technology 
standards  is  needed  to  foster  a  world¬ 
wide  environment  for  promoting  in¬ 
novation. 

Gutierrez  then  hit  China  for  continu 
ing  to  delay  the  granting  of  licenses 
to  build  a  3G  network  in  that  country. 
“When  a  government  uses  its  heavy 
hand  to  decide  what 
is  best  for  its  citizens, 
it  warps  the  mar¬ 
ketplace,”  he  said. 

“We  look  with  great 
concern  when  any 
country  obstructs  or 
hinders  competition.” 

Some  analysts  have 
said  that  the  Chinese 
government  has  held 
off  on  plans  to  build  a 
3G  network  because 
it  wants  to  promote  a 
homegrown  standard 
called  TD-SCDMA  instead  of  embrac 
ing  a  more  widely  used  version  of  the 
CDMA  technology. 

■  ELIZABETH  M0NTALBAN0, 

IDG  NEWS  SERVICE 

Vendor  Adds  Hosted 
Software  Unit  in  China 


GLOBAL  FACT 


Total  revenue  generated  in  China 
during  the  first  half  of  2006  by 
major  vendors  of  telecommunica¬ 
tions  equipment,  led  by  Nokia 
Corp.,  Motorola  and  Huawei  Tech¬ 
nologies  Co.  The  amount  was  up 
9%  from  the  same  period  in  2005 


Intel  to  Close  Research 
Facility  in  South  Korea 

BUNDANG,  SOUTH  KOREA 

INTEL  CORP.  this  month  said  it  plans 
to  close  a  research  and  development 
office  here  as  part  of  a  previously 
announced  corporate  makeover  that 
includes  shedding  10%  of  its  worldwide 
workforce. 

“This  has  nothing  to  do  with  the 
Korean  market  or  Korean  R&D  in  gen¬ 
eral,  and  everything  to  do  with  our  re¬ 
structuring,”  an  Intel  spokesman  said. 
He  said  the  closure  will  affect  a  small, 
unspecified  number 
of  workers,  who  can 
relocate  to  other  Intel 
offices  or  accept  a 
severance  package. 

The  planned  clo¬ 
sure  is  the  latest  in  a 
series  of  layoffs,  plant 
closings  and  division 
sales  that  began  last 
April,  when  Intel  CEO 
Paul  Otellini  project¬ 
ed  that  the  company’s 
profit  would  decline 
to  $9.3  billion  in  2006 
from  $12.1  billion  the  year  before.  Intel 
is  scheduled  to  announce  its  fourth- 
quarter  and  year-end  financial  results 
tomorrow. 

“Compared  to  our  workforce  reduc¬ 
tion  of  10,500  announced  in  September, 
this  will  be  very,  very,  very  small,”  the 
spokesman  said. 

■  BEN  AMES,  IDG  NEWS  SERVICE 


HANGZHOU,  CHINA 

ONG  KONG-BASED  Alibaba.com 
Corp.  last  week  launched  a  new 
company  called  Alisoft,  which 
will  offer  hosted  business  software  to 
small  and  midsize  companies  in  China. 

According  to  Alibaba.com,  the  new 
unit  will  initially  offer  five  types  of 
software:  customer  relationship,  in¬ 
ventory,  sales  force  and  marketing 
information  management  applications, 
as  well  as  financial  tools. 

The  company,  which  runs  a  busi- 
ness-to-business  e-commerce  site  in 
China  as  well  as  an  online  auction  site 
for  consumers,  estimated  that  less  than 
10%  of  the  country’s  more  than  40  mil¬ 
lion  small  and  midsize  businesses  have 
adopted  advanced  software. 

Alisoft’s  hosted  services  are  current¬ 
ly  available  for  free,  but  the  company 
will  start  charging  for  the  services  dur¬ 
ing  the  first  half  of  this  year. 

Alibaba.com,  which  has  based  its 
Chinese  operations  in  Hangzhou, 
didn’t  disclose  pricing  details. 

■  STEVEN  SCHWANKERT, 

IDG  NEWS  SERVICE 


Chinese  Firm  Updates 
Sogou  Search  Engine 

BEIJING 

EIJING-BASED  Sohu.com  Inc.  has 
released  the  first  upgrade  of  its 
Sogou  search  engine  since  late 
2005,  saying  that  the  updated  software 
offers  improved  Web  crawling  and  site 
analysis  capabilities. 

The  Sogou  technology  trails  far 
behind  the  search  engines  offered  by 
Baidu.com  Inc.,  Google  Inc.  and  Yahoo 
Inc.  in  usage  within  China,  according 
to  the  China  Internet  Network  Infor¬ 
mation  Center  in  Beijing,  which  tracks 
the  industry. 

The  Sogou  3.0  release  can  index 
500  million  Web  pages  per  day,  said 
Sohu.com.  It  added  that  Sogou’s  data¬ 
base  now  includes  10  billion  retrieved 
Chinese-language  Web  pages,  up  from 
2  billion  in  the  previous  version  of  the 
software. 

■  SUMNER  LEMON,  IDG  NEWS  SERVICE 


Compiled  by  Mike  Bucken. 


Briefly  Noted 

IBM  last  week  named  Dah-Chuen 
Chien  CEO  of  its  Greater  China  Group, 
which  oversees  operations  in  China, 
Hong  Kong  and  Taiwan.  Chien  re¬ 
places  Henry  Chow,  who  had  led  the 
unit  for  12  years  and  will  retain  his 
position  as  its  chairman.  Previously, 
Chien  was  IBM's  general  manager  for 
Southeast  Asia  and  South  Asia. 

■  ROBERT  MULLINS, 

IDG  NEWS  SERVICE 


The  U.K.  Security  Service,  which 
oversees  counterterrorism  efforts 
there,  plans  to  send  e-mail  alerts 
warning  citizens  of  changes  to  the 
“national  threat  level,”  a  measure 
of  the  risk  of  terrorist  attacks.  The 
security  service,  also  known  as  MI5, 
said  last  week  that  details  of  the  pro¬ 
gram  will  be  announced  soon. 

■  PETER  SAYER,  IDG  NEWS  SERVICE 


Motorola  Inc.  last  week  completed 
its  $3.9  billion  cash  acquisition  of 
Symbol  Technologies  Inc.,  one  day 
after  the  European  Commission  ap¬ 
proved  the  deal.  The  EC  said  it  had 
found  that  in  all  product  categories, 
the  combined  company  “would 
continue  to  face  several  strong, 
effective  competitors.”  Motorola, 
which  agreed  to  buy  Symbol  last 
September,  said  the  Holtsville,  N.Y.- 
based  maker  of  mobile  products 
will  become  part  of  its  enterprise 
networks  unit. 

■  PAUL  MELLER,  IDG  NEWS  SERVICE 


A6roport  de  Luxembourg  has 
awarded  Unisys  Corp.’s  Belgian  unit 
a  five-year  contract  to  build  and 
manage  a  new  IT  infrastructure  at 
the  airport.  Brussels-based  Unisys 
Belgium  SA  will  install  self-service 
kiosks  and  other  technologies  for 
airlines  to  issue  tickets  and  boarding 
passes  and  route  baggage.  It  will 
also  provide  technical  management, 
support  and  help  desk  services.  The 
contract’s  value  wasn’t  disclosed. 
— 

Taiwan  Semiconductor  Manufac¬ 
turing  Co.  has  received  approval 
from  the  Taiwanese  government  to 
transfer  0.18-micron  chip  production 
technology  to  its  plant  near  Shang¬ 
hai.  Hsinchu,  Taiwan-based  TSMC 
had  waited  more  than  two  years 
for  the  approval.  Taiwan  has  been 
slow  to  change  regulations  limiting 
the  semiconductor  manufacturing 
technologies  that  can  be  transferred 
to  China. 

■  SUMNER  LEMON, 

IDG  NEWS  SERVICE 
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Mainframe  Migrations 
Follow  Different  Routes 

NYSE  unit  moves  quickly  toward  Unix; 

Reader’s  Digest  takes  outsourcing  path 


BY  PATRICK  THIBODEAU 

RANCIS  FELDMAN  re¬ 
called  last  week  that  as 
he  got  closer  to  choos¬ 
ing  a  vendor  to  help  his 
company  with  a  mainframe-to- 
Unix  migration,  he  was  wor¬ 
ried.  But  the  IT  manager  said 
that  after  “a  sleepless  week, 
where  I  was  trying  to  figure 
out  where  to  turn,”  he  came  up 
with  an  idea  to  help  him  make 
his  decision. 

Feldman,  vice  president  of 
the  shared  data  center  at  Se¬ 
curities  Industry  Automation 
Corp.  (SIAC)  in  New  York, 
made  surprise  calls  to  the  the 
vendors  being  considered  for 
the  migration  project.  He  told 
the  president  of  Clerity  Solu¬ 
tions  Inc.,  one  of  the  vendors, 
that  he  was  going  to  send  the 


company  some  coding  work 
and  then  fly  to  its  Phoenix 
development  center  within 
24  hours  to  examine  the  end 
results. 

Some  of  the  other  vendors 
balked  at  such  tests,  Feldman 
said.  But  Clerity  completed 
the  work  and  was  hired. 

That  taught  Feldman  a  les¬ 
son  about  dealing  with  pro¬ 
spective  migration  vendors. 
“Don’t  be  afraid  to  challenge 
them  with  a  final  test,”  he  said. 
“And  that  test  should  [make 
them]  stand  on  the  merits  of 
what  they  have  told  you  so  far. 
If  they  told  you  that  they  can 
migrate  so  much  code  or  so 
many  screens  in  a  certain  time 
frame,  put  them  to  the  test.” 

Nick  Sementilli,  CIO  at  The 
Reader’s  Digest  Association 


Inc.  in  Pleasantville,  N.Y.,  is 
also  involved  in  a  mainframe 
migration  process.  But  he  has 
taken  an  entirely  different 
approach  by  outsourcing  his 
mainframe  to  Infocrossing 
Inc.  under  a  contract  that  was 
signed  in  2004  and  recently 
extended  by  three  years  to 
2012. 

SIAC’s  migration  is  moving 
ahead  on  a  fixed  schedule  and 
is  due  to  be  completed  by  the 
fourth  quarter.  For  Reader’s 
Digest,  the  migration  could 
last  five  more  years,  according 
to  Sementilli,  who  has  stopped 
developing  new  applications 
for  the  mainframe  and  plans 
to  gradually  port  existing  ap¬ 
plications  to  Unix. 

SIAC,  a  subsidiary  of  NYSE 
Group  Inc.  that  runs  the  sys¬ 
tems  for  the  New  York  Stock 
Exchange,  is  migrating  to  IBM 
servers  running  AIX.  Feldman 
said  the  1,650-MIPS  main¬ 


frame  that  SIAC  is  moving  off 
of  processes  data  after  trades 
are  completed  and  generates 
reports  for  NYSE  member 
companies.  It  also  gathers  data 
for  regulatory  purposes. 

Feldman  didn’t  disclose 
specific  savings  goals  but  said 
he  expects  the  move  to  Unix 
systems  to  cut  the  costs  of 
running  the  applications  on 
the  mainframe  in  half.  He  con¬ 
sidered  outsourcing  the  main¬ 
frame  but  said  he  also  expects 
to  gain  business  advantages 
through  increased  integration 
of  the  systems  once  the  migra¬ 
tion  is  completed. 

Reader’s  Digest  is  mostly 
switching  to  Solaris-based  sys- 


If  [vendors] 
told  you  that 
they  can  migrate 
so  much  code  or  so 
many  screens  in  a 
certain  time  frame, 
put  them  to  the  test 

FRANCIS  FELDMAN, 

VICE  PRESIDENT,  SIAC 


terns  from  Sun  Microsystems 
Inc.,  along  with  some  AIX- 
based  machines.  Sementilli 
said  he  had  concerns  about 
outsourcing  the  mainframe, 
partly  because  that  was  the 
only  system  involved.  As  a 
result,  he  wanted  to  seek  out  a 
small  vendor  instead  of  going 
to  a  large  IT  services  firm. 

Infocrossing  bills  the  pub¬ 
lishing  company  based  on 
usage  metrics,  such  as  the 
amount  of  disk  space  con¬ 
sumed  and  tape  cartridges 
needed. 

Sementilli  said  Reader’s 
Digest  has  cut  costs  by  manag¬ 
ing  the  data  on  the  mainframe 
more  efficiently.  He  added  that 
the  variable  cost  structure  cre¬ 
ated  an  incentive  “to  look  at 
our  resources  and  see  what  we 
really  needed.” 

“Once  you’re  paying  by  the 
drink,  every  sip  matters,”  said 
Peter  Allen,  managing  director 
of  Technology  Partners  Inter¬ 
national  Inc.,  an  outsourcing 
consultancy  in  The  Wood¬ 
lands,  Texas.  Allen  said  some 
CIOs  are  using  variable  cost 
models  to  control  internal  ex¬ 
penses  through  chargebacks.  * 


TEA  Ready  to  Issue  Smart  Cards  to  Port  Workers 


Rejects  GAO  call 
for  more  testing 
before  rollout 

BY  JAIKUMAR  VIJAYAN 

The  U.S.  Transportation  Secu¬ 
rity  Administration  is  moving 
ahead  with  plans  to  start  is¬ 
suing  new  smart  card  iden¬ 
tity  credentials  to  more  than 
750,000  port  workers  starting 
in  March,  despite  some  con¬ 
cerns  about  its  readiness  to 
do  so. 

The  U.S.  Department  of 
Homeland  Security,  which 
oversees  the  TSA,  earlier  this 
month  published  the  final 
rules  for  the  Transporta¬ 
tion  Worker  Identification 
Credential  (TWIC)  program, 
which  was  put  in  place  after 
the  terrorist  attacks  of  Sept. 

11, 2001.  The  program  aims  to 
boost  security  at.  about  4,000 
transportation  facilities  in  the 
country. 


The  TWIC  initiative  re¬ 
quires  that  all  workers  at 
the  nation’s  transportation 
facilities  carry  DHS-issued 
smart-card  credentials  that 
include  their  photographs  and 
a  fingerprint  template.  All  of 
the  workers  must  also  undergo 
criminal  background  checks. 

The  final  rules  published 
last  week  spell  out  the  enroll¬ 
ment  process  for  the  TWIC 
program,  as  well  as  disqualify¬ 
ing  crimes,  usage  procedures, 


fees  and  other 
requirements  for 
workers,  port  own¬ 
ers  and  operators. 

Enrollment  in 
the  program  will 
start  in  March  “at 
a  small  number 
of  ports”  and  be 
phased  in  through¬ 
out  the  year  at  all 
ports  around  the 
country,  the  DHS 
said  in  a  statement. 

Once  the  TWIC  cards  are 
issued,  the  DHS  will  set  a 
deadline  by  which  workers 
must  carry  the  cards  for  un¬ 
escorted  access  to  secure  ar¬ 
eas  of  ports  and  vessels. 

The  final  rules  incorporate 
suggestions  gathered  from 
four  public  meetings  held  last 
year  around  the  country  by 
the  TSA  and  the  U.S.  Coast 
Guard,  the  DHS  said. 

The  decision  to  move  ahead 
with  the  TWIC  implementa¬ 


tion  comes  just  three  months 
after  the  U.S.  Government 
Accountability  Office  recom¬ 
mended  that  the  TSA  do  more 
testing  of  both  technology  and 
processes  before  rolling  out 
the  new  identification  system. 

In  the  October  report,  the 
GAO  auditors  expressed 
concern  that  tests  conducted 
between  August  2004  and 
June  2005  had  been  far  too 
limited  in  scope  and  did  not 
represent  the  true  scale  of  the 
deployment. 

For  instance,  the  TSA  is¬ 
sued  test  cards  to  just  1,700 
workers  —  not  the  75,000 
it  had  originally  planned  to 
include.  The  TSA  also  failed 
to  gather  sufficient  data  about 
the  “operational  effectiveness” 
of  biometric  card  readers  in 
“harsh”  maritime  conditions, 
the  GAO  said. 

The  DHS  concurred  with 
the  GAO’s  findings  but  would 
not  say  whether  it  would 


perform  the  additional  test¬ 
ing.  The  agency  did  say  that 
it  planned  to  hire  a  contractor 
experienced  in  implementing 
large  projects  to  handle  the 
TWIC  initiative. 

The  department  also  noted 
in  its  response  that  it  would 
implement  the  project  in  two 
phases  to  give  port  and  vessel 
owners  and  operators  enough 
time  to  install  biometric  and 
other  access-control  compo¬ 
nents. 

The  DHS  said  the  Coast 
Guard  and  other  authorized 
personnel  will  verify  TWIC 
cards  in  the  first  days  of  the 
program  to  ensure  that  the 
cards  are  valid.  Until  card- 
reader  technology  is  tested 
and  regulations  are  issued  on 
access  control,  facility  own¬ 
ers  and  operators  won’t  be 
required  to  use  TWIC  read¬ 
ers  for  facility  access,  the 
DHS  said. 

The  cards  will  cost  between 
$139  and  $159  each  and  be 
valid  for  five  years,  according 
to  the  DHS.  * 
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Atlanta  to  Roll  Out  Cognos  Analysis 
Software  to  City  Agency  Workers 


$2.1M-plus  project 
aims  to  monitor 
performance  of 
all  departments 

BY  HEATHER  HAVENSTEIN 

The  city  of  Atlanta  next  month 
will  begin  rolling  out  new 
business  intelligence  software 
to  all  city  agencies  in  a  project 
aimed  at  providing  —  for  the 
first  time  —  visibility  into 
their  combined  performance. 

The  city  plans  to  roll  out 
Cognos  8  BI  software  from 
Ottawa-based  Cognos  Inc.  to 
about  1,000  users  over  the  next 
12  to  18  months,  officials  said. 

Chuck  Meadows,  Atlanta’s 
chief  of  budget  and  fiscal 


Continued  from  page  1 

Oracle  Project 

al  Pty.,  an  Oracle  business  part¬ 
ner  in  Kent  Town,  Australia. 
Most  of  the  custom-built  soft¬ 
ware  that  Oracle  developed  for 
the  water  billing  system  “will 
be  thrown  out,”  and  Oracle  will 
have  “no  part”  in  the  revived 
project,  Phillis  said. 

He  added,  though,  that 
Basis2  will  run  on  top  of  an 
Oracle  database  and  work  with 
a  set  of  Oracle’s  E-Business 
Suite  back-office  applications 
that  are  used  for  a  variety  of 
city  functions,  including  fi¬ 
nance  and  human  resources. 

Phillis  became  acting  CIO  in 
September  after  predecessor 
Dianah  Neff  left  to  work  as  a 
consultant,  and  he  was  given 
the  job  on  a  permanent  basis 
in  late  November. 

Revised  Agreements 

Work  on  the  Basis2  implemen¬ 
tation  began  Dec.  11,  according 
to  a  Prophecy  press  release. 
Phillis  said  that  the  software 
is  running  in  test  mode  and 
that  the  billing  system  should 
be  up  and  running  by  next  De¬ 
cember  —  which  would  meet 
a  goal  of  having  it  in  place  be- 


policy,  said  the  software  will 
be  used  for  tasks  ranging  from 
assessing  the  performance 
metrics  for  repairing  a  pothole 
to  automating  the  aggregation 
of  revenue  from  parks  and  rec¬ 
reation  programs. 

The  city  is  paying  $2.1  mil¬ 
lion  for  the  Cognos  software, 
plus  additional  consulting 
fees,  which  have  yet  to  be  de¬ 
termined,  for  installation.  The 
BI  tools  will  replace  Micro¬ 
soft  Excel  spreadsheets  and 
performance  management 
software  from  CorVu  Corp.  in 
Edina,  Minn. 

The  city  has  used  the  CorVu 
software  since  2002,  and 
although  it  could  be  used  for 
basic  reporting,  “as  we  had  it 
installed  . . .  [it]  wasn’t  robust 


fore  Mayor  John  Street  leaves 
office  in  January  2008. 

In  signing  its  amended 
contract,  Oracle  admitted  no 
wrongdoing  but  agreed  to  the 
$6.9  million  in  payments  and 
givebacks,  Phillis  said.  Among 
other  things,  the  deal  includes 
$1.5  million  to  cover  the  cost  of 
Prophecy’s  software,  a  payback 
of  $1  million  for  prior 
consulting  services  and  a 
promise  not  to  charge  Phila¬ 
delphia  for  another  $1.6  million 
worth  of  work  that  Oracle  per¬ 
formed  before  the  project  was 
suspended. 

Altogether,  the  ex¬ 
pected  cost  of  Project 
Ocean  has  reached  about 
$25  million,  including  Or¬ 
acle’s  givebacks.  But  Phil¬ 
lis  said  that  the  city’s  ex¬ 
penses  have  been  capped 
at  less  than  $19  million. 

Oracle  wouldn’t  com¬ 
ment  on  the  amended 
agreement,  beyond  is¬ 
suing  a  statement  from 
Stephen  Holdridge,  vice 
president  of  the  compa¬ 
ny’s  Oracle  Consulting 
unit.  “Oracle  and  the  city 
have  reached  agreement 
on  an  amendment  to  the 
current  contract  that  de¬ 
fines  a  revised  go-forward 


enough”  for  complex  report¬ 
ing  tasks,  Meadows  said.  As 
a  result,  many  users  reverted 
to  manually  loading  data  into 
Excel  spreadsheets  to  create 
reports  on  the  performance  of 
individual  departments. 

Also,  although  some  city 
departments  perform  similar 
functions,  they  used  different 
techniques  to  report  on  those 
functions.  Meadows  noted. 
‘We  weren’t  able  to  supply  our 
budget  analysts  or  the  chief 
operating  officer  with  real 
good  data  without  pulling  that 
information  manually  through 
those  various  reports  and  pre¬ 
sentations,”  he  said. 

Julie  Godfrey,  global  mar¬ 
keting  director  at  CorVu, 
declined  to  comment  on  the 


plan  to  achieve  the  city’s  objec¬ 
tives,”  Holdridge  said  in  the 
statement. 

Project  Ocean  is  designed 
to  replace  a  30-year-old,  Cobol- 
based  mainframe  application. 
The  project  was  run  by  Phila¬ 
delphia’s  finance  department 
when  it  was  initially  launched 
in  2003;  later  it  was  taken  over 
by  the  mayor’s  Office  of  In¬ 
formation  Services.  Now  it  is 
being  jointly  overseen  by  the 
IT  unit  and  the  city’s  separate 
water  and  water  revenue  de¬ 
partments,  Phillis  said. 


BI  Drivers 


■  Many  organizations  have  op¬ 
timized  operational  processes 
using  ERP  software  but  have 
not  significantly  enhanced  deci¬ 
sion  support  and  analysis. 

■  Growing  compliance  re¬ 
quirements  continue  to  drive 
information  strategies,  which 
increasingly  include  integrated 
management  reporting  pro¬ 
vided  by  BI  tools. 

■  Organizations  are  seeking 
integrated  financial  and  man¬ 
agement  reporting,  planning 
and  budgeting,  and  cost  and 
profitability  scorecarding. 


city’s  decision  to  replace  its 
software. 

The  city,  whose  financial 
department  has  used  Cognos 
tools  for  budgeting  since  2005, 
also  evaluated  BI  options  from 
Oracle  Corp.,  Hyperion  Solu¬ 
tions  Corp.  and  OutlookSoft 


“I  know  it’s  second-guess¬ 
ing,  but  the  city  suffered 
somewhat  by  not  maturing 
the  organization  to  care  for 
a  project  like  this,”  he  said. 
Under  the  new  project  struc¬ 
ture,  he  added,  “we’re  getting 
along  terrifically.  We’re  sing¬ 
ing  ‘Kumbaya’  —  not  well,  but 
we’re  singing  it.” 

Philadelphia  will  be  the  first 
Basis2  user  in  the  U.S.,  and 
Phillis  said  he  is  hiring  20 
contractors  to  work  on  the 
deployment,  including  a  pro¬ 
gram  director.  But  he  said  he 
doesn’t  think  the  city  will 
need  to  do  any  custom¬ 
ization  of  the  software, 
which  he  and  other  city 
officials  were  able  to 
inspect  at  a  comparable 
water  agency  in  the  U.K. 
before  signing  the  deal 
with  Prophecy. 

Phillis  added  that  in  an 
evaluation  of  the  new  fea¬ 
tures  the  city  wants,  such 
as  bill  presentation  en¬ 
hancements  and  expanded 
customer  histories,  Basis2 
scored  higher  than  rival 
products  from  SAP  AG 
and  SPL  WorldGroup  Inc., 
a  San  Francisco-based 
company  that  Oracle  ac¬ 
quired  last  fall.  ► 


Corp.  for  the  new  project. 

Though  the  city  is  current¬ 
ly  installing  Oracle  human 
resources,  finance  and  pro¬ 
curement  software,  officials 
determined  that  Oracle’s  BI 
wouldn’t  allow  departments 
to  create  analysis  models  that 
mirror  the  city’s  unique  busi¬ 
ness  processes,  Meadows  said. 

The  city’s  processes  vary 
from  monitoring  high-end  data 
management  procurements  to 
projects  such  as  monitoring 
the  efficiency  of  garbage  col¬ 
lection,  Meadows  noted. 

Costs  and  Criminals 

“[With  Cognos],  we  will  be 
able  to  look  at  things  like  the 
cost  per  acre  to  maintain  a 
park,  the  cost  per  work  order 
for  field-level  operations  and 
the  average  manpower  and 
materials  costs  to  repair  a 
traffic  light  or  resurface  a 
mile  of  a  city  street,”  Mead¬ 
ows  said. 

In  addition,  he  said  the  new 
BI  software  promises  to  al¬ 
low  the  city  to  track  criminals 
from  their  initial  interactions 
with  law  enforcement  through 
the  judicial  and  correctional 
systems. 

“Now,  we’re  only  able  to  look 
at  those  cases  on  a  department- 
by-department  basis,  without 
the  ability  to  track  them  across 
multiple  departments,”  Mead¬ 
ows  said. 

In  addition,  he  noted,  Cog¬ 
nos  can  easily  utilize  the  city’s 
disparate  data  sources  so  that 
agencies  can  continue  to  use 
existing  work  order  manage¬ 
ment,  fleet  management,  time 
management  and  human  re¬ 
sources  systems. 

Mike  Schiff,  president  and 
analyst  at  MAS  Strategies  in 
Reston,  Va.,  said  that  govern¬ 
ment  agencies  increasingly 
see  performance  manage¬ 
ment  software  as  a  way  to 
help  account  for  expendi¬ 
tures. 

“Voters  want  to  know  what 
is  happening  to  their  money,” 
he  said.  “While  Sarbanes- 
Oxley  is  aiming  [for]  account¬ 
ability  in  the  commercial 
environment,  the  message 
certainly  wasn’t  lost  on  the 
government.  The  use  of  these 
performance  management  so¬ 
lutions  is  accelerating." » 


Philadelphia  CIO  TERRY  PHILLIS  says  most 
of  the  custom-built  software  that  Oracle  devel¬ 
oped  for  the  city’s  Project  Ocean  water  billing 
system  “will  be  thrown  out.” 
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DON  TENNANT 


A  Wake-up  Call 


EARLIER  THIS  MONTH,  we  received  an 
e-mail  from  a  reader  who  wrote  in  re¬ 
sponse  to  an  article  on  our  Web  site  about 
the  possibility  that  Congress  will  raise  the 
cap  on  H-1B  visas  this  year.  That  the  reader 
felt  strongly  enough  about  the  issue  to  take  the  time  to 
write  is  commendable,  and  all  of  us  at  Computerworld 
sincerely  value  and  appreciate  the  feedback. 


That  said,  I’m  going 
to  share  with  you  the 
verbatim,  unedited  text 
of  the  e-mail,  because  it 
demonstrates  a  point  that 
warrants  consideration.  It 
reads  as  follows: 

“Why  invest  the  time 
and  money  to  go  into  a 
hi  tech  career  when  your 
jobs  a  commodity  (com¬ 
modities  are  risky  and 
these  aren’t  low  skill  jobs 
we’re  talking  about).  And 
they  wonder  why  people 
in  the  US  aren’t  chosing  those  ca¬ 
reers  and  there’s  shortage?  Show’s 
how  stupid  they  think  we  are.  As  for 
the  future  I  can  only  speak  about  my 
3  kids,  I’m  advising  them  away  for 
the  computer  tech  type  careers.” 

I  can  honestly  say  that  the  corre¬ 
spondent’s  inexplicable  failure  to 
demonstrate  even  a  basic  ability  to 
communicate  on  a  professional  level 
doesn’t  cause  me  to  value  or  appreci¬ 
ate  his  feedback  any  less.  But  I  don’t 
pay  this  guy’s  salary  or  depend  on 
the  quality  of  his  work.  The  fact  is, 
we  receive  a  lot  of  correspondence 
like  this  from  IT  professionals,  and 
somebody  needs  to  give  them  a  wake- 
up  call.  So  here  it  is: 

Good  morning.  The  world  and 
your  profession  have  dramatically 
changed.  You  are  competing  against 
t  he  best  and  brightest  from  all  over 
the  world,  and  it  is  essential  that  ev¬ 
erything  you  do  in  your  capacity  as 
an  IT  professional  be  characterized 
by  a  demonstrated  commitment  to 
quality.  If  any  standard  other  than 
excellence  is  acceptable  to  you,  you 
stand  very  little  chance  of  progress¬ 
ing  in  your  career.  Have  a  nice  day. 


DON  TENNANT  is  editor 
in  chief  of  Computerworld. 
Contact  him  at  donjennair 
computerworld.com. 


Obviously,  it’s  impos¬ 
sible  to  accurately  assess 
the  capacity  and  work 
ethic  of  an  individual 
based  on  the  effort  he 
expends  in  providing 
feedback  about  an  article 
he  has  read  online.  But 
when  you  consider  the 
critical  nature  of  ef¬ 
fective  communication 
and  how  essential  that 
skill  is  in  an  IT  environ¬ 
ment,  it’s  very  difficult  to 
entirely  dismiss  such  a 
clear  demonstration  of  an  individual 
being  satisfied  with  mediocrity. 

No,  I  don’t  value  this  reader’s 
viewpoint  any  less,  but  this  e-mail  is 
enough  to  tell  me  that  he  just  doesn’t 
get  it.  Anyone  who  is  willing  do  be 
associated  with  any  undertaking 

—  even  one  as  relatively  trivial  as  this 

—  that  is  so  poorly  executed  simply 


does  not  understand  how  very  high 
the  employment  stakes  are. 

When  you  read  our  feature  titled 
“Swimming  in  the  Global  Talent  Pool” 
(page  25),  you’ll  see  what  I’m  talking 
about.  Like  it  or  not,  employers  are 
feeling  less  and  less  constrained  by 
political  or  geographical  boundaries 
when  they’re  searching  for  IT  skills. 
And  as  one  recruiting  consultant  put 
it,  “If  you’re  45  and  plan  to  work  until 
you’re  65,  you’re  going  to  be  forced  to 
embrace  this.” 

Clearly,  not  everyone  has  the 
wherewithal  to  follow  the  lead  of 
Matt  Sorge,  a  U.S.  citizen  and  MIT 
graduate  who’s  gaining  global  mar¬ 
ketability  by  undergoing  training  in 
India.  But  everyone  does  have  the 
wherewithal  to  demand  excellence 
of  himself. 

Expressions  of  exasperation  and 
denunciations  of  IT  as  a  career  field 
from  people  who  find  mediocrity  ac¬ 
ceptable  are  getting  tiresome.  Gart¬ 
ner  analyst  Diane  Morello  nailed 
the  problem  with  her  observation 
that  “many  people  sleepwalk  through 
their  careers.”  The  “good  enough” 
attitude  inherent  in  that  just  isn’t 
good  enough  anymore.  It’s  a  shame 
that  hasn’t  yet  dawned  on  our  H-1B- 
fearing  correspondent.  * 

no 


JOHN  D.  HALAMKA 

Conservation 
Of  Aggravation 

The  FIRST  LAW  of  ther¬ 
modynamics  tells  us 
that  energy  is  neither 
created  nor  destroyed;  it  is 

simply  converted  from  one  form  to 
another. 

For  IT  professionals,  I  believe  in 
the  first  law  of  project  dynamics: 
Aggravation  is  neither  created  nor 
destroyed;  it  is  simply  converted  from 
one  project  to  another. 

As  CIO  of  Harvard  Medical  School 
and  Beth  Israel  Deaconess  Medical 
Center,  I  oversee  200  projects  a  year. 
Here  are  a  few  examples  of  the  Law  of 
Conservation  of  Aggravation. 

In  2003,  we  had  a  growing  problem 
with  spam,  and  I  was  receiving  many 
requests  each  day  to  implement  a  cen¬ 
tralized  spam  filter.  We  initially  tried 
SpamAssassin  but  found  that  it  didn’t 
work  well  in  a  medical  environment: 

It  couldn’t  distinguish 
between  advertise¬ 
ments  for  enlarging 
body  parts  and  physi¬ 
cian  referrals  to  clin¬ 
ics  for  diseases  affect¬ 
ing  body  parts.  We 
wanted  very  few  false 
positives  (real  mail 
marked  as  spam  and 
trapped  by  the  filter), 
so  we  implemented 
Brightmail,  now  a 
Symantec  product. 

It  has  worked  well, 
but  I  now  receive 
many  requests  a  day 
to  relax  the  spam 
filters  because  they 
are  blocking  “impor¬ 
tant  business  e-mail” 
such  as  eBay  receipts, 
newsletters  from 
professional  sports 
organizations  and  casual  correspon¬ 
dence  (Subject:  Hi!)  from  friends  and 
relatives.  Aggravation  has  been  con¬ 
served. 

In  2002,  Beth  Israel  Deaconess 
experienced  a  network  outage  that 
lasted  a  day  and  a  half  after  a  misper¬ 
forming  application  flooded  the  net¬ 
work  and  overwhelmed  the  spanning 
tree  algorithm  in  our  older  network 
gear.  In  2003,  SQL  Slammer  and  other 
Microsoft-related  security  problems 
caused  server  downtime.  As  a  result, 


JOHN  D.  HALAMKA 

isCIOatCareGroup 
Healthcare  System,  CIO 
and  associate  dean  for 
educational  technology  at 
Harvard  Medical  School, 
chairman  of  the  New 
England  Health  Electronic 
Data  Interchange  Network, 
CIO  of  the  Harvard  Clinical 
Research  Institute  and 
a  practicing  emergency 
physician.  Contact  him 
at  jhalamka@caregroup. 
harvard.edu. 


www.computerworld.com 


OPINION 


January  15, 2097  COMPUTERWORLD 


17 


I  spent  a  year  creating  highly  redun¬ 
dant  state-of-the-art  networks,  server 
clusters  and  virtualized  central  storage. 
Uptime  in  the  period  covering  2004  to 
the  present  has  exceeded  99.9%  for  all 
applications  and  services. 

Of  course,  on  rare  occasions,  I  need 
to  take  down  an  application  to  upgrade 
hardware  or  firmware.  But  trying  to 
find  an  acceptable  15-minute  window 
to  take  down  IT  services  for  a  large 
metropolitan  hospital  is  nearly  impos¬ 
sible.  Sunday  at  4  a.m.?  Trauma  pa¬ 
tients  could  be  arriving  in  the  ER  then. 
By  providing  99.9%  reliability,  we  have 
made  downtime  unacceptable.  Aggra¬ 
vation  has  been  conserved. 

In  2006,  we  implemented  electronic 


prescribing  for  our  clinicians.  We  re¬ 
placed  unreadable,  handwritten  and 
free-text  typed  instructions  (“Take 
some  Tylenol”)  with  structured, 
standards-based,  secure  electronic 
messaging  from  doctor  to  pharmacy. 
Clinicians  welcomed  the  idea  of  more 
accurate,  safer  medication  practices 
that  would  require  fewer  callbacks 
from  pharmacists  with  questions  about 
handwritten  prescriptions. 

However,  clinicians  rapidly  discov¬ 
ered  that  older  prescriptions  that  had 
been  written  before  the  new  system 
was  implemented  with  its  require¬ 
ments  for  structured  prescribing  had 
to  be  retyped.  The  computer  couldn’t 
automatically  convert  “Take  some 


Tylenol”  to  “Take  Tylenol  1-2  tabs 
every  4-6  hours  as  needed  for  pain.” 
The  clinicians  wanted  both  accuracy 
and  ambiguity  to  be  acceptable  si¬ 
multaneously.  Aggravation  has  been 
conserved. 

Writing  this  has  made  me  feel  much 
better.  But  will  the  catharsis  of  having 
shared  the  challenges  of  being  an  IT 
professional  lead  to  less  aggravation? 
Nope.  Within  48  hours  of  this  column 
being  published,  25  salespeople  will 
call  or  e-mail  me  (note  that  my  e-mail 
address  is  published  as  well)  to  tell 
me  about  their  companies’  antispam 
applications,  which  can  block  all  bad 
e-mails  while  allowing  the  e-mail  of 
the  eBay/sports/casual  variety  to  get 


through;  or  about  their  highly  reliable 
infrastructure  components,  which 
require  no  maintenance;  or  about 
e-prescription  systems  that  do  ev¬ 
erything  for  everyone.  Some  of  these 
e-mailed  sales  offers  will  make  it 
through  the  spam  filter.  (Do  these  folks 
believe  that  CIOs  have  the  time  to  read 
unsolicited  sales  e-mails?)  Some  sales¬ 
people  will  pester  my  assistant  on  the 
phone  to  the  point  that  she  will  whim¬ 
per  in  frustration.  I  have  no  doubt  that 
aggravation  will  be  conserved!  * 

WANT  OUR  OPINION? 

OMore  columnists  and  links  to  archives  of  previous 
columns  are  on  our  Web  site: 

www.computerworld.com/columns 
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S0A:  The  More 
Things  Change . . . 

WHILE  THE  underlying  tech¬ 
nologies  that  enable  a  service- 
oriented  architecture  are  new,  such 
as  the  Internet  and  Java,  neither 
the  concept  nor  the  best  method  of 
carrying  it  through  is  [“As  Ye  SOA, 

So  Shall  Ye  Reap,"  Opinion,  Oct.  30]. 
Modular  software  construction  was 
identified  as  the  key  to  the  economi¬ 
cal  construction  of  stable  code  as 
long  as  40  years  ago.  The  so-called 
waterfall  is  a  perversion  of  the  ne¬ 
cessity  to  develop  working  code  in 
a  series  of  temporal  steps,  because 
you  must  know  what  a  block  of 
code  is  to  do  before  you  can  cor¬ 
rectly  design  it,  you  must  design  it 
to  ensure  it  will  do  exactly  and  only 
what  you  want  it  to  do,  you  cannot 
implement  an  algorithm  that  has  not 
been  designed,  and  you  cannot  test 
code  until  it  is  written.  These  steps 
are  not  an  “approach”;  they  are  the 
only  alternative  to  making  it  all  up  as 
you  go,  an  endless  cycle  of  trial  and 
error  -  mostly  error. 

It  is  not,  however,  necessary  to 
design  ail  the  code  before  any  code 
is  written,  nor  is  it  prohibited  to  go 
back  to  the  beginning  if  the  users, 
while  watching  testing,  decide  that 
they  gave  the  wrong  requirements 
at  the  start.  The  most  stringent  of  all 
waterfall  paradigms,  Department  of 
Defense  Standard  2167A,  does  not 
prohibit  iteration  -  it  provides  for  it. 
The  real  paradigm  is  not  a  waterfall; 
it  is  a  spiral  -  whenever  necessary, 
the  process  reverts  to  an  earlier 
point  and  is  redone  from  there.  In 


point  of  fact,  the  more  time,  effort 
and  care  invested  in  specification 
and  design,  the  less  effort  will  be 
required  in  testing  and  documenta¬ 
tion,  and  the  less  rework  will  be 
needed. 

As  for  silos  of  developers,  that  too 
is  not  a  “practice"  but  an  artifact. 
Few  people  are  as  comfortable  and 
skilled  with  every  step  in  the  proc¬ 
ess  as  they  are  with  their  favorite 
step,  so  they  become  specialists: 
business  analysts,  architects,  cod¬ 
ers  and  testers,  some  of  whom  com¬ 
municate  poorly  with  others  due  to 
personality  differences. 

It  is  the  obligation  of  the  project 
manager  to  ensure  that  these 
personal  matters  do  not  obstruct 
full  and  effective  communication 
among  all  members  of  the  team, 
whether  introvert  or  extrovert,  linear 
or  gestalt  thinker,  business  person 
or  technology  enthusiast.  That 
the  product  of  one  "step"  may  be 
thrown  at  the  workers  perform¬ 
ing  the  next  is  not  a  feature  of  the 
software  development  life  cycle;  it 
is  a  bug. 

The  key  to  SOA,  as  with  all  sys¬ 
tems,  is  architectural  granularity. 

Whether  or  not  the  code  is  intend¬ 
ed  to  be  reused,  it  will  be  reused, 
sooner  or  later,  for  something,  and  it 
will  be  easier  to  reuse  and  easier  to 
maintain  if  the  system  is  highly  co¬ 
hesive  and  loosely  coupled  -  each 
module  (or  service)  does  essentially 
one  useful,  frequently  needed  and 
sharply  defined  function,  and  each 
module  (or  service)  is  essentially 
independent  in  function  and  opera¬ 
tion  from  every  other.  The  necessity 


for  sound  requirements  analysis  and 
thorough  design  is  thus  even  great¬ 
er,  if  that  were  possible,  for  SOA  to 
achieve  its  benefits.  The  alternative 
is  the  equivalent  of  Windows  “DLL 
hell,”  a  nightmare  tangle  of  prolifer¬ 
ated  “services,"  many  of  them  partly 
redundant,  none  of  them  truly  inde¬ 
pendent,  whose  collective  behavior 
is  unstable  over  a  time  frame  as 
short  as  one  week. 

So,  as  the  French  say,  “although 
everything  changes,  everything 
stays  the  same."  SOA  is  the  latest 
technical  means  for  implementing 
essentially  the  same  thing  -  struc¬ 
tured  code  that  does  precisely  what 
it  is  supposed  to,  operates  correctly 
for  long,  continuous  periods  and 
does  not  get  more  expensive  to 
change  as  it  gets  older. 

David  P.  Vernon 
Tucson,  Ariz. 


Techies  Need  to  Be 
Managed  by  Techies 

I  AGREE  WITH  everything  that 
“C.J.  Kelly”  wrote  about  the  value 
of  technical  skills  in  management 
positions  [“Can  a  Manager  Be 
a  Techie  and  Survive?"  Security 
Manager’s  Journal,  Nov.  20],  with 
one  caveat.  I  came  up  through  the 
ranks  as  a  programmer  and  network 
engineer.  I  have  learned  that  as  we 
move  up  through  management,  it's 
important  to  change  our  perspec¬ 
tive  on  the  world. 

As  a  programmer  or  engineer,  I 
saw  things  as  a  series  of  technical 
challenges.  Reaching  the  first  layer 
of  management,  I  had  to  begin  to 


see  the  bigger  picture  -  not  all 
solutions  or  actions  I  took  could  be 
technology-driven.  Business  objec¬ 
tives  had  to  be  considered.  As  a 
director,  the  vast  majority  of  my  time 
is  spent  strategizing  and  building 
relationships.  As  long  as  IT  manag¬ 
ers  understand  what  matters  most 
to  the  business  as  they  progress  up 
the  ladder,  keeping  their  technical 
skills  honed  is  not  a  bad  idea. 

Tom  Olzak 

Director,  information  security, 
HCR  Manor  Care,  Toledo,  Ohio, 
tolzak@hcr-manorcare.com 


I'VE  NOTICED  that  people  who 
think  they  can  manage  others 
without  any  real  knowledge  of  what 
their  reports  do  tend  to  be  the  sort 
of  people  who  think  the  whole  world 
is  a  matter  of  opinion.  In  the  tech 
world,  a  boss  who  doesn’t  have 
any  technical  sense  is  nothing  but 
a  liability.  What  I  don't  understand 
is  why  this  idea  that  nontechies 
can  manage  techies  is  so  common 
in  the  computer  technical  field.  I 
don’t  think  it’s  that  way  in,  say,  con¬ 
struction.  If  it  were,  we'd  have  a  lot 
more  buildings  and  bridges  simply 
collapsing  a  few  weeks  after  they 
were  built. 

Paul  Davis 

Computer  support  technician, 
Fort  Collins,  Colo. 


I  RECEIVED  MY  MBA  in  informa¬ 
tion  systems  in  May.  I  would  like 
to  be  a  manager  in  IT  security,  but  I 
realize  that  I  need  technical  as  well 
as  managerial  tools.  I  don’t  want  to 
be  one  of  those  managers  who  says, 


“Do  this,"  and  then  can't  figure  out 
how  “this”  gets  done  when  there’s 
a  problem.  To  fix  that,  I  will  be 
working  on  certifications  in  security 
and  networking  to  get  some  of  the 
technical  background  necessary  to 
successfully  merge  the  two  aspects 
of  the  position. 

Jennifer  Hawk 

Philadelphia, 

jatalb@yahoo.com 


I’VE  INVESTED  an  incalculable 
amount  of  time  on  my  technical 
skills.  I’ve  always  found  it  difficult  to 
work  with  managers  who  aren't  at 
least  somewhat  technical,  but  those 
who  could  get  in  the  trenches  with 
me  to  do  what  needed  to  be  done 
are  few  and  far  between.  While  I  can 
work  with  a  nontechnical  manager,  I 
find  that  I  always  am  thinking,  "Ho w 
can  this  person  truly  evaluate  my 
technical  skills?"  Or,  “How  can  this 
person  help  make  the  decisions  that 
need  to  be  made?” 

Being  able  to  speak  both  geek  and 
business  is  very  valuable  -  to  both 
management  and  the  implementers. 
Justin  F.  Knox 
Network  administrator, 

East  Hampton,  Conn. 
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OPINION 

Microsoft  Excels  With 
Four  Business  Models 

Mark  Willoughby  says  Microsoft  has  joined  an 
elite  club  of  companies  that  can  make  money 
in  four  different  business  models.  PAGE  24 


SECURITY  MANAGER’S  JOURNAL 

Laying  a  New  Year’s  Course  for  Security 

A  new  year  is  a  time  for  a  fresh  start.  What  better  time  to 
decide  which  projects  will  get  attention?  C.J.  Kelly  has  already 
given  a  thumbs  up  to  encryption  and  a  thumbs 
down  to  a  Vista  upgrade.  PAGE  23 


PRINTERS 


The  blaster  worm  hit  McCor¬ 
mick  and  Co.  hard  and  fast.  It 
entered  the  famous  spice  com¬ 
pany  through  a  service  provider 
connection  and  ripped  across 
plants  and  offices  in  a  matter  of 
hours.  What  was  most  vexing, 
however,  was  that  the  virus  kept 
coming  back  on  disinfected  network  segments. 

Upon  further  investigation,  it  turned  out  that  Blast¬ 
er,  as  well  as  some  instances  of  the  Sasser  worm,  were 
trying  to  repropagate  from  infected  network  printers. 

“Printers  were  just  one  of  several  types  of  systems 
contributing  to  the  nightmare  at  the  time,”  says 
Michael  Rossman,  who’d  just  taken  over  as  global 
director  of  IT  services  and  information  security  at 
McCormick  at  the  time  of  the  worm  outbreak  in  2003. 
“Blaster  went  to  all  our  PCs,  our  radio  frequency 
units,  our  handhelds.  And,  we  learned  belatedly, 
it  also  spread  to  our  printers.” 

Blaster  and  Sasser  gave  IT  execs  some  religion  about 
the  vulnerabilities  network  printers  can  introduce  to 
corporate  networks,  Rossman  says.  Since  then,  how¬ 
ever,  there  has  been  little  evidence  of  printer-based 
attacks  spreading  across  large  networks.  Corporate  IT 

Continued  on  page  20 


QUICXSTUDY 

Graphic  File  Formats 

Ever  wonder  what  the  file  extensions 


.bmp.  .gif,  .jpg  and  .tif  really  mean?  This 
tutorial  explains  the  pros  and  cons  of 
each 


JP 


yes,  printers  —  can  open  your  corporate  network 


>  malicious  attacks.  They  need  security  patches,  too. 


.INFRASTRUCTURE  LOG 


_DAY  44:  This  lack  of  productivity  is  out  of  control. 
What  we’re  using  isn’t  working.  Gil’s  had  enough. 

He  moved  everyone  into  one  cubicle.  A  “collaboration” 
cubicle.  We  need  a  better  idea. 


_DAY  46:  I’m  going  with  IBM  Lotus®  Notes®  and  Domino? 
It’s  more  than  e-mail;  it’s  an  open  platform  designed 
for  collaboration.  It  has  proven  security  features  and 
productivity  enhancers  like  document  sharing  and  custom 
app  development.  And  it’s  flexible  enough  to  integrate 
across  multiple  platforms,  including  J2EE'“  and  Linux? 


_0K,  who  sat  on  my  lunch? 


Lotus 


IBM  the  IBM  logo,  Lotus,  Notes  and  Domino  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States,  other  countries  or  both.  Linux  is  a  registered  trademark  of  Linus  Torviids  1 1  me 
United  States,  other  countries,  or  both.  Java  and  all  Java-based  trademarks  are  trademarks  of  Sun  Microsystems,  Inc.  in  the  United  States,  other  countries,  or  both.  ©Copyright  IBM  Corporation  2006.  All  rights  reserved 
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shops  haven’t  been  concerned  about  printer  security. 
Instead  of  patching  and  hardening  printers,  they  have 
been  complacent.  Security  experts  say  that  printers 
are  loaded  with  more  complex  applications  than  ever, 
running  every  vulnerable  service  imaginable,  with 
little  or  no  risk  management  or  oversight. 

If  these  systems  aren’t  hardened,  users  may  soon 
find  their  printers  rendered  inaccessible  by  attackers, 
their  valuable  documents  heisted  or  their  printers 
turned  into  remote-controlled  bots  —  launching  pads 
for  further  attacks. 

The  problem,  of  course,  is  that  printers  aren’t  on 
the  agendas  of  many  security  managers.  “It’s  been  my 
experience  that  these  devices  have  been  completely 
overlooked  from  a  risk  management  perspective,” 
says  security  researcher  Brendan  O’Connor.  “They’re 
installed.  They  work.  And  nobody  pays  them  any  at¬ 
tention  until  it’s  time  to  install  a  new  paper  tray  or 
print  cartridge.” 

Not  So  Dumb 

In  essence,  networked  printers  need  to  be  treated  like 
servers  or  workstations  for  security  purposes  —  not 
like  dumb  peripherals. 

At  the  Black  Hat  conference  in  Las  Vegas  in  August, 
O’Connor  delivered  a  blow-by-blow  presentation 
on  how  to  bypass  authentication,  inject  commands 
at  the  root  level  and  create  shell  code  to  take  over 
printers  in  Xerox  Corp.’s  WorkCentre  line  of  printers, 
which  run  on  Linux  operating  systems. 

He  described  the  kinds  of  mischief  you  could  do 
with  a  compromised  printer,  including  password- 
catching,  password-snarfing  (changing  passwords), 
hijacking  functions,  grabbing  print  jobs  and  playing 
with  a  billing  program. 

O’Connor,  who  says  he  has  proved  in  his  research 
lab  that  these  hacks  are  possible,  showed  a  video  of 
himself  exploiting  these  vulnerabilities  in  his  lab 
during  his  Black  Hat  presentation. 

“There  are  actually  a  quite  a  few  attack  vectors  in 
these  printers,”  says  O’Connor,  who  by  day  is  a  se¬ 
curity  engineer  at  a  Midwest  financial  services  com¬ 
pany  he  wouldn’t  name.  “I  shared  a  couple  in  my  talk, 
and  I  released  a  couple  others  privately  to  Xerox.” 

Xerox  thanked  O’Connor  for  his  research  and  is¬ 
sued  a  patch,  according  to  the  IDG  News  Service, 
though  O’Connor  says  vulnerabilities  remain. 

The  question  remains  how  many  IT  departments 
apply  security  patches  to  their  printers.  “One  of  the 
reasons  this  is  a  particularly  nasty  problem  is  that 
people  don’t  update  their  printer  software,”  security 
technologist  Bruce  Schneier  wrote  in  his  blog.  “And 
what  about  printers  whose  code  can’t  be  patched?” 
asked  Schneier,  who  is  chief  technology  officer  at 
BT  Counterpane  Internet  Security  Inc.  in  Mountain 
View,  Calif. 

The  apathy  toward  printer  security  isn’t  surprising, 
since  printer  attacks  have  been  few  and  far  between  in 
recent  years.  That’s  mostly  because,  right  now,  it’s  eas¬ 
ier  just  to  hack  PCs  and  laptops,  says  Dean  Turner,  se¬ 
nior  manager  for  security  response  at  Symantec  Corp. 

But  as  those  systems  become  more  secure  through 
tougher  security  standards  and  best  practices,  attackers 
will  turn  their  tools  to  the  next  low-hanging  fruit.  Turn¬ 
er  says.  And  unprotected  printers  are  a  logical  target. 

Last  year,  Symantec  logged  12  new  security  vul¬ 


m 

Network  printers  have  more 
vulnerable  services  running  on 
them  than  networked  PCs  do. 

POSSIBLE  ATTACKS 

SOLUTIONS 

■  Remote  code  execution. 

■  Sniffing  (for  passwords 
and  network  information) 

■  Capture  of  intellectual 
property  from  docu¬ 
ments  in  queue  or 

in  local  memory 

■  Root  control  of  printer 
services 

■  Disable  services  you 
don't  need. 

■  Use  vendor-provided 
document  protection 
features. 

■  Change  default  pass¬ 
words  and  encrypt  them. 

_ _  ..  __  _ 

Network  printer  applications  have 
a  growing  number  of  vulnerabilities. 

POSSIBLE  ATTACKS 

SOLUTIONS 

■  Buffer  overflows 

■  Cross-site  scripting  and 
other  common  attack 
methods  that  disable 
an  application  and  gain 
root  control 

■  Perform  better  code 
review. 

■  Adopt  more  secure  ap¬ 
plication  development 
processes. 

. 

Web  interfaces,  Web  servers, 

Web  pages  and  e-mail  are  opening 
printers  directly  to  the  World  Wide  Web. 

POSSIBLE  ATTACKS 

SOLUTIONS 

■  Hijacking  or  impersonat- 
>  ing  a  remote  administra¬ 
tor  or  user  session 

■  Turn  off  Web  connections 
unless  absolutely  needed. 

■  Use  strong  authentication 
for  remote  administration. 

■  Malicious  code  injection 

■  Remote  control  of  printer 

■  Change  default  passwords. 

.A:  '/  . 

nerabilities  for  five  network  printer  brands:  Brother, 
Canon,  Epson,  Fujitsu,  Hewlett-Packard,  Lexmark 
and  Xerox.  Twelve  may  seem  like  an  insignificant 
number,  but  keep  in  mind  that  it’s  greater  than  the 
number  of  printer-specific  vulnerabilities  found  in 


2005  (10).  And  the  number  of  such  vulnerabilities 


found  in  the  past  two  years  account  for  nearly  half  of 
all  printer  vulnerabilities  identified  since  1997  (52). 

This  means  we’re  in  the  preattack  stage  with  print¬ 
ers,  says  Chris  Wysopal,  former  director  of  research 
and  development  at  @Stake  Inc.,  a  security  vulner¬ 
ability  assessment  firm  that  was  acquired  by  Syman¬ 
tec.  Printers,  he  says,  are  on  the  radar  screen  of  the 
hacking  community,  so  it’s  only  a  matter  of  time  be¬ 
fore  PCs  and  workstations  get  hardened  and  attackers 
start  delivering  attacks  to  printers.  Wysopal  recalls 


that  while  working  in  the  vulnerability  research  lab  at 
@Stake,  he  hacked  into  a  printer  through  the  infrared 
port  and  changed  the  administrator  password. 

There’s  a  common  impression  that  printers  are  vul¬ 
nerable  to  attacks  only  from  inside  a  company’s  LAN 
or  via  remote  log-in  to  a  company’s  virtual  private 
network,  researchers  say.  But  that’s  not  true,  says 
Alan  Paller,  research  director  at  the  SANS  Institute  in 
Bethesda,  Md. 

“Five  years  ago,  four  HP  Jetdirect  printer  control¬ 
lers  were  used  in  a  denial-of-service  attack  that  took 
down  an  ISP  in  New  Mexico,”  says  Paller.  “And  more 
recently,  shared  printers  have  become  back  doors 
that  allow  attackers  to  bridge  from  low-security  areas 
to  high-security  areas.” 

All  it  takes  is  any  remote  code-execution  vulner¬ 
ability,  such  as  a  buffer  overflow  or  cross-site  script¬ 
ing  weakness,  to  spread  a  bot  to  the  printer  or  use  the 
printer  as  a  launching  pad  for  other  attacks,  says  La¬ 
mar  Bailey,  senior  operations  manager  of  X-Force,  a 
threat  analysis  service  of  Atlanta-based  IBM  Internet 
Security  Systems.  ISS  keeps  a  dozen  printers  in  its 
security  lab  so  it  can  test  new  vulnerabilities. 

And,  despite  opinions  to  the  contrary,  network 
printers  are  also  already  at  risk  of  direct  Internet  at¬ 
tacks,  say  researchers.  The  first,  and  most  obvious, 
link  is  when  organizations  put  network  printers  out¬ 
side  the  corporate  firewall  to  make  remote  printing 
easier  for  employees.  This  is  something  O’Connor, 
Wysopal  and  Turner  all  say  they  have  seen  too  fre¬ 
quently  in  their  vulnerability  assessments  for  clients. 

Furthermore,  online  print-from-anywhere  services 
are  also  direct  points  of  attack  from  the  Web.  Some 
of  these  interfaces  include  embedded  Web  servers 
and/or  Web  pages  with  IP  addresses.  This  is  why,  as 
part  of  its  risk  management  policy,  McCormick  turns 
off  remote  print  services,  says  Rossman. 

Patch  Management 

Of  all  protective  measures  to  be  taken  on  these  em¬ 
bedded  devices,  system  hardening  and  patch  man¬ 
agement  are  the  most  critical,  according  to  security 
experts.  McCormick  relies  on  its  printer  vendors  to 
distribute  firmware  updates  and  software  patches, 
says  Rossman,  while  other  administrative  chores 
are  handled  in-house.  But  Paller  says  vendors,  in 
their  attempt  to  offer  more  services  and  uses  to  their 
customers,  actually  make  it  hard  to  turn  off  default 
services  and  change  passwords. 

Vendors  have  made  some  advances  in  filtering, 
document  protection  and  access  controls,  but  they’ve 
made  little  headway  in  comprehensive  patch  manage¬ 
ment  and  system-hardening  processes.  O’Connor  says 
vendors  aren’t  always  forthcoming  with  new  vulner¬ 
ability  and  patch  information,  making  it  difficult  for 
IT  to  manage  what  is  still  mostly  a  manual  process. 

Until  vendors  work  these  things  out  and  users  start 
treating  printers  like  the  points  of  risk  they  are,  net¬ 
work  printers  will  continue  to  be  sitting  ducks,  wait¬ 
ing  for  attackers  to  pounce. 

“Network  printers  are  large  print  devices  with  em¬ 
bedded  Windows  systems  that  are  interacting  with 
the  network  just  like  any  other  Windows-based  sys¬ 
tem,”  says  Rossman.  “They  need  to  be  secured.”  • 


Radclijf  is  a  freelance  security  writer  in  Northern 
California.  She  can  be  reached  at  deb@radcliff.com. 


.INFRASTRUCTURE  LOG 


_DAY  18:  Everything  is  frozen.  It’s  our  processes.  f  —  —  y 

They’re  inflexible.  We  can’t  respond  to  change. 


_Why  did  we  lock  ourselves  in  like  this?  Brrrr. 


_DAY  19:  A  way  out.  IBM  WebSphere  middleware  for 
Business  Process  Management.  It  lets  us  streamline 
business  tasks.  We  can  test  our  processes  before  we 
roll  them  out  and  monitor  performance  once  they’re 
deployed,  and  reuse  is  easy  because  it’s  based  on  a 
service  oriented  architecture. 

.Everything’s  unfrozen  now.  Wow,  it’s  good  to  feel 
my  toes  again. 


WebSphere 


Take  the  BPM  with  SOA  Assessment  at: 

IBM.COM/TAKEBAQKCONTROL/PROCESS 


IBM  logo  and  WebSphere  are  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  ©2006  IBM  Corporation.  All  rights  reserved. 


n 


COMPUTERWORLD  January  15, 2007 


TECHN0L06Y 


www.computerworld.com 


Graphic  File 
Formats 


DEFINITION 

Graphic  images  are  stored  digitally 
using  a  small  number  of  standard¬ 
ized  graphic  file  formats,  including 
bit  map,  TIFF,  JPEG,  GIF,  PNG; 
they  can  also  be  stored  as  raw, 
unprocessed  data. 


BY  RUSSELL  KAY 

HERE  ARE  likely  bil¬ 
lions  of  graphic  im¬ 
ages  available  on  the 
World  Wide  Web, 
and  with  few  exceptions,  al¬ 
most  any  user  can  view  any  of 
them  with  no  difficulty.  This 
is  because  all  those  images 
are  stored  in  what  amounts  to 
a  handful  of  file  formats.  Be¬ 
fore  discussing  the  principal 
graphics  file  formats,  however, 
we  need  to  review  the  two 
fundamental  types  of  graphics: 
raster  and  vector. 

A  raster  image  is  like  a  photo 
in  your  newspaper.  Look  close¬ 
ly  and  you’ll  see  it’s  made  up  of 
equally  spaced  round 
dots  in  several  distinct 
colors.  But  if  you  look 
at  an  ad  featuring  a  line 
drawing  or,  better  yet, 
a  banner  headline,  you 
won’t  see  an  interrupted  line  of 
dots  but  a  solid  image  bounded 
by  smooth  curves.  Those  are 
vector  graphics.  Many  graph¬ 
ics  are  created  as  vector  graph¬ 
ics  and  then  published  as  raster 
images. 

Most  graphics  that  we  see 
on-screen,  and  many  that  are 
printed  on  paper,  are  actually 
structured  as  rectangular  grids 
of  pixels  or  colored  dots.  A 
full-color  image  requires  more 
color  information  than  a  black- 
and-white  image.  Some  types 
of  graphics  use  geometric 
functions  that  allow  them  to  be 
scaled  up  or  down  in  size. 

One  final  distinction  should 
be  made  between  how  an  im¬ 
age  is  stored  (its  graphic  file 


format)  and  how  it  is  gener¬ 
ated  for  viewing  by  the  end 
user.  Most  devices  that  output 
images,  whether  they  be  moni¬ 
tors,  TVs  or  ink-jet  printers, 
actually  produce  raster  output. 
They  create  successive  minus¬ 
cule  lines,  each  consisting  of  a 
line  of  dots  of  different  colors 
(and  perhaps  sizes)  that  end 
up  on  the  final  page  as  both 
images  and  letters.  Before  the 
advent  of  modern  high-resolu¬ 
tion  displays,  there  were  CRT 
devices  that  actually  produced 
true  vector  output,  but  those 
are  mainly  history  now.  So  we 
need  to  provide  our  monitors 
or  printers  with  sequences 
of  all  those  colored 
dots.  A  graphic  that  is 
already  rasterized  will 
save  time  and  electrons 
because  it  doesn’t  need 
further  processing  by 
the  computer. 

BMP 

The  simplest  way  to  define 
a  raster  graphic  image  is  by 
using  color-coded  informa¬ 
tion  for  each  pixel  on  each 
row.  This  is  the  basic  bit-map 
format  used  by  Microsoft 
Windows.  The  disadvantage 
of  this  type  of  image  is  that  it 
can  waste  large  amounts  of 
storage.  Where  there’s  an  area 
with  a  solid  color,  for  example, 
we  don’t  need  to  repeat  that 
color  information  for  every 
new  contiguous  pixel.  Instead, 
we  can  instruct  the  computer 
to  repeat  the  current  color  un¬ 
til  we  change  it.  This  type  of 
space-saving  trick  is  the  basis 


of  compression,  which  allows 
us  to  store  the  graphic  using 
fewer  bytes.  Most  Web  graph¬ 
ics  today  are  compressed  so 
that  they  can  be  transmitted 
more  quickly. 

Some  compression  tech¬ 
niques  will  save  space  yet 
preserve  all  the  information 
that’s  in  the  image.  That’s 
called  “lossless”  compression. 
Other  types  of  compression 
can  save  a  lot  more  space,  but 
the  price  you  pay  is  degraded 
image  quality.  This  is  known 
as  “lossy”  compression. 

TIFF 

Most  graphics  file  formats 
were  created  with  a  particular 
use  in  mind,  although  most 
can  be  used  for  a  wide  variety 
of  image  types.  Another  com¬ 
mon  bit-mapped  image  type 
is  Tagged  Image  File  Format, 
which  is  used  in  faxing,  desk¬ 
top  publishing  and  medical 
imaging.  TIFF  is  actually  a 
“container”  that  can  hold  bit 
maps  and  JPEGs  and  allows 
(but  doesn’t  require)  various 
types  of  compression. 

JPEG 

The  Joint  Photographic  Experts 
Group  created  the  JPEG  stan¬ 
dard  in  1990  for  the  efficient 
compression  of  photographic 
images.  JPEG  allows  varying 
levels  of  lossy  compression, 
letting  you  trade  off  quality 
against  file  size.  Progressive 
JPEG  is  a  way  to  rearrange  the 
graphic  data  to  permit  a  rough 
view  of  the  entire  image  even 
when  only  a  small  portion  of 
the  file  has  been  downloaded. 
The  JPEG  standard  includes  29 
distinct  coding  processes,  but 


not  all  of  them  need  to  be  used. 
If  an  image  has  flat  areas  of  sin¬ 
gle  color  that  transition  sharply 
to  contiguous  areas,  JPEG 
doesn’t  work  as  well  as  GIF. 

JPEG  2000  is  a  wavelet- 
based  standard  designed  to 
supersede  the  original.  It  of¬ 
fers  improved  compression, 
including  lossless  compres¬ 
sion,  and  supports  multiple 
resolutions  in  a  single  file,  but 
it  has  only  limited  support  in 
current  Web  browsers. 

GIF 

The  Graphic  Interchange 
Format  takes  an  image  and 
re-creates  it  using  a  palette 
of  no  more  than  256  colors. 
These  palettes  can  be  totally 
different  for  different  images. 
GIF  is  a  very  efficient  format 
that  achieves  very  good  com¬ 
pression  for  nonphotographic 
images.  GIF  also  permits  the 
creation  of  animated  images 
by  allowing  a  file  to  contain 
several  different  frames  (each 
with  its  own  palette)  and  to 
switch  between  them  with  a 
specified  delay.  In  addition, 
GIF  images  are  one  of  the  few 
types  that  can  have  a  transpar¬ 
ent  background,  meaning  that 
there’s  no  need  to  always  dis¬ 
play  a  rectangular  area. 

GIF  was  once  quite  popu¬ 
lar,  but  in  1995,  it  became  the 
centerpiece  of  a  patent  dispute 
that  clouded  the  issue  of  who 
could  use  what.  The  patent 
in  question  was  for  the  LZW 
lossless  compression  algo¬ 
rithm;  it  expired  in  2003. 

PNG 

Portable  Network  Graphics  is 
a  standard  developed  in  1996 


as  an  alternative  to  and  im¬ 
provement  on  GIF,  but  without 
the  patent  issues  and  palette 
restrictions.  PNG  can  com¬ 
press  an  image  more  than  GIF 
and  supports  improved  back¬ 
ground  transparency/opacity 
but  allows  only  single  images, 
without  animation. 

Raw  Data 

As  digital  photography  be¬ 
comes  ubiquitous  and  mul¬ 
timegapixel  digital  cameras 
grow  more  common,  you  may 
hear  more  about  raw  images. 
Most  inexpensive,  consumer- 
grade  digital  cameras  store 
images  as  JPEG  files  (techni¬ 
cally  in  EXIF  format,  a  form 
of  JPEG)  that  involve  the  loss 
of  some  detail.  This  was  done 
initially  to  keep  file  sizes 
small,  when  flash  memory 
storage  was  much  more  expen¬ 
sive  than  it  is  now. 

Some  higher-end  cameras 
now  offer  the  ability  to  save 
all  image  information  as  raw, 
unprocessed  data  in  a  non- 
standardized  format  that  takes 
more  storage  space  but  pre¬ 
vents  the  loss  of  subtle  detail. 

Raw  images  can  be  edited 
with  professional-grade  soft¬ 
ware  and  converted  to  JPEGs 
for  printing  or  other  forms  of 
distribution.  * 


Kay  is  a  Computerworld  con¬ 
tributing  writer  in  Worcester, 
Mass.  You  can  contact  him  at 
russkay@charter.net. 

Are  there  technologies  or  issues  you'd  like 
to  learn  about  in  QuickStudy?  Send  your 
ideas  to  quickstudy@computerworld.com 

To  find  a  complete  archive  of  our 
QuickStudies,  go  online  to 

O  computerworld.com/quickstudies 


Common  Graphics  File  Formats  Compared 


TYPE 

FILE 

EXTENSION 

SSt8”" 

PRINCIPAL 

APPLICATION/USAGE 

PATENTED? 

ORIGINATED  BY 

Graphics 

Interchange  Format 

•gif 

Lempel-Ziv-Welch 
(LZW)  algorithm 

Flat-color  graphics, 
animation 

Expired 

CompuServe 

Joint  Photographic 
Experts  Group 

•jpg 

Loses  some  data 

Photographic 

images 

Disputed 

Joint  Photographic 
Experts  Group 

Portable  Network 
Graphics 

■png 

Lossless 

Replacement  for  GIF 

No 

World  Wide  Web 
Consortium 

Raw  negative 

Various 

None 

High-end  digital  cameras 

No 

Individual  equipment 
makers 

Tagged  Image 

File  Format 

.tif 

Various  or  none 

Document  imaging, 
scanning 

No 

Adobe  Systems  Inc. 

Windows  bit  map 

.bmp 

None 

On-screen  display 

No 

Microsoft  Corp. 

SOURCE  ADAPTED  FROM  “COMPARISON  OF  GRAPHICS  FILE  FORMATS."  AT  WIKIPEDIA.ORG 
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Laying  a  New  Year’s 
Course  for  Security 


It’s  time  for  a  fresh  start.  What  better  op¬ 
portunity  to  decide  which  projects  will  get 
attention  in  coming  months?  By  C.  J.  Kelly 


December  was  a 

complete  blur  for  me. 
After  being  away  for 
training  and  a  vaca¬ 
tion,  I’m  having  a  difficult  time 
getting  my  head  into  what 
needs  to  be  done  at  work  in 
this  new  year.  Things  aren’t 
much  better  at  home,  where 
the  Christmas  tree  stands 
almost  bare,  waiting  to  be  put 
out  of  its  misery,  and 
unwrapped  presents 
are  still  scattered 
about.  At  least  I 
cleaned  my  office  be¬ 
fore  I  went  away. 

But  my  orderly 
desk  disguises  the  fact  that  all 
the  things  that  were  not  com¬ 
pleted  last  year  are  awaiting 
my  attention.  Managing  both 
IT  and  security  gives  me  a  lot 
of  infrastructure  components 
to  think  about,  but  I  like  it  that 
way.  I  can  take  a  more  holistic 
approach. 

Let’s  see:  I  have  to  prepare 
the  IT  spending  plan  for  the 
state  agency,  complete  the 
employee  reviews,  decide  on 
a  document  management  ven¬ 
dor,  define  a  comprehensive 
encryption  initiative,  bring  the 
virtual  private  network  online 
among  our  branch  offices,  pre¬ 
pare  another  security-aware¬ 
ness  training  module,  decide 
whether  dual-core  technology 
has  a  place  on  the  desktop, 
prepare  for  Vista  (or  not) 
and  consider  whether  NAC 
(Cisco’s  Network  Admission 
Control  technology)  is  worth 
pursuing,  as  well  as  how  NAP 
(Microsoft’s  Network  Access 
Protection)  fits  into  the  pic¬ 
ture.  Oh,  and  this  is  the  month 
the  state  auditors  will  peek 
into  our  infrastructure. 

I  need  to  prioritize,  but  that 


isn’t  easy  when  everything 
seems  equally  important. 
Some  people  get  stuck  in  the 
details,  but  I  seem  to  get  stuck 
on  the  big  picture.  Making 
decisions  about  information 
and  security  technologies  is 
similar  to  solving  a  riddle  or 
a  puzzle.  The  clues  have  to  be 
examined  and  the  pieces  have 
to  fit  together  to  find  the  best 
solution  possible. 
Even  then,  the  rate  of 
technology  change 
can  invalidate  care¬ 
fully  made  decisions. 

But  I’ve  learned 
that  there  always 
comes  a  point  when  you  have 
to  say,  “All  right,  I’ve  reviewed 
as  much  information  as  is 
reasonable.  Now  I  have  to 
make  some  decisions,  right 
or  wrong.”  So,  right  or  wrong, 
here’s  what  I  see  for  us  this 
year: 

■  We  are  not  going  to  up¬ 
grade  to  Vista. 

■  We  are  going  to  upgrade 
to  dual-core  technology. 

■  We  are  going  to  encrypt 
network  traffic,  file  systems 
and  databases. 

■  We  are  going  to  find  a  doc¬ 
ument  management  system 
that  is  secure  and  easy  to  use. 

■  We  are  going  to  get  a  han¬ 
dle  on  log  file  management. 

■  We  are  going  to  investi¬ 
gate  unified  threat  manage¬ 
ment  systems. 

■  We  are  going  to  provide 


Right  or 
wrong, 
here’s  what  I 
see  for  us  this 

year. 


security  awareness  training  in 
a  fun,  informative  and  consis¬ 
tent  way. 

■  We  are  going  to  under¬ 
stand  NAC  vs.  NAP  and  evalu¬ 
ate  our  choices. 

A  Closer  Look 

I  don’t  know  yet  exactly  how 
we  are  going  to  accomplish 
these  things.  And  it’s  not  clear 
which  technologies  we  will 
choose.  There  are  dozens 
of  vendors  out  there  whose 
products  promise  to  solve  our 
problems. 

For  instance,  do  we  go  with 
AMD  or  Intel  for  dual-core 
technology?  We’ve  standard¬ 
ized  on  AMD  processors,  but 
Intel  seems  to  be  storming 
ahead.  Will  any  of  our  current 
applications  make  use  of  dual¬ 
core  technology,  or  are  we  just 
preparing  for  a  future  that  may 
actually  include  quad-  and 
even  eight-core  processors? 

Vista  is  at  least  a  year  away 
for  us.  We  hope  this  isn’t  a 
mistake.  With  Microsoft,  it 
has  always  been  better  to  wait 
and  see  how  things  go  before 
jumping  to  a  new  operating 
system.  And  we  will  have  to 
understand  Microsoft’s  licens¬ 
ing  agreements.  From  what 
I’ve  heard,  Microsoft  is  mak¬ 
ing  it  difficult  to  not  upgrade 
to  Vista.  We  shall  see. 

We  want  to  better  secure 
our  network  and  access  to  it, 
so  do  we  follow  along  with 
Cisco  or  prepare  ourselves  for 
Microsoft’s  NAP?  From  what 
I  can  tell,  NAP  isn’t  ready  for 
prime  time,  since  it  requires 
Vista  and  the  new  “Longhorn” 
Windows  server,  which  hasn’t 
been  released. 

Cisco’s  NAC  seems  closer 
at  hand,  but  it  would  require 
us  to  add  server  hardware 
and  client  software  —  a  Cisco 
Secure  ACS  server  and  a  desk¬ 
top  agent  (Cisco  Trust  Agent) 
—  in  addition  to  making  router 
configuration  changes  and 
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integrating  the  system  with 
antivirus  and  software  distri¬ 
bution  servers. 

The  good  news  is  that  Cisco 
and  Microsoft  have  collabo¬ 
rated  and  cross-licensed 
their  technologies.  This  will 
make  migrating  to  a  network 
access  technology  doable  in 
the  future. 

Grasping  what  needs  to  be 
done  in  the  encryption  arena 
is  like  grabbing  a  tiger  by  the 
tail.  Since  our  agency  handles 
electronic  protected  health 
information,  we  must  tame 
this  tiger.  We  currently  pro¬ 
tect  data  using  access  controls, 
but  they  can  be  circumvented 
by  a  sophisticated  hacker,  and 
encryption  provides  another 
layer  of  defense  for  data  at  rest 
and  in  transit. 

Then  there  are  log  files.  We 
store  system  logs  on  a  secured 
file  server.  If  we’re  going  to  be 
cognizant  of  suspicious  events, 
the  logs  have  to  be  manually 
inspected  on  a  daily  basis,  but 
we  are  far  from  doing  that. 

And  that  brings  us  to  threat 
management. 

When  I  say  “unified  threat 
management,”  I  mean  a  meth¬ 
od  of  bringing  together  all  the 
data  our  systems  write  to  log 
files  and  correlating  the  infor¬ 
mation  so  that  we  can  spot  po¬ 
tential  threats  to  the  infrastruc¬ 
ture  in  a  timely  manner.  That’s 
a  mouthful  and  a  challenge.  We 
plan  to  look  at  what  Cisco  can 
do  for  us  in  this  area. 

So,  that’s  my  list.  Drawing  it 
up  gets  my  engine  going.  The 
next  step  is  to  pull  the  team 
together  and  share  my  vision. 
Then  I’ll  shut  my  mouth  and 
listen  for  a  long  time.  Sure,  I 
have  been  thinking  all  year 
about  what  our  next  steps  are 
going  to  be,  but  so  has  the  team. 
We  need  to  arrive  at  a  consen¬ 
sus  about  what  can  and  can’t  be 
done  with  our  available  time 
and  resources.  Ready?  Go.  » 


WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real 
security  manager,  “C.J.  Kelly,"  whose  name 
and  employer  have  been  disguised  for 
obvious  reasons.  Contact  her  at  mscjkelly® 
yahoo.com,  or  join  the  discussions  in  our 
security  blogs:  computerworld.com/ 
blogs/security 

To  find  a  complete  archive  of  our  Security 
Manager's  Journals,  go  online  to 

computerworld.com/secjournal 


Cisco  to  Provide 
Severity  Scoring 

The  Cisco  Product  Security 
Incident  Response  Team 
plans  to  add  severity  scores 
to  its  advisories  so  users 
can  prioritize  their  patch 
management.  The  scores 
will  be  calculated  according 
to  the  Common  Vulnerability 
Scoring  System.  Cisco  will 
provide  the  base  CVSS 
scores,  which  indicate 
the  conditions  required  to 
exploit  a  vulnerability  and 
the  effect  of  a  successful 
exploit,  and  temporal  scores, 
which  have  time-dependent 
information. 


Computers  Used  in 
Traffic  Sabotage 

Two  transportation  engi¬ 
neers  pleaded  not  guilty  last 
week  to  criminal  charges 
that  they  gained  unauthor¬ 
ized  access  to  traffic  center 
computers.  According  to  the 
Los  Angeles  Times,  Gabriel 
Murillo,  37,  and  Kartik  Patel, 
34,  allegedly  rigged  comput¬ 
ers  to  change  the  timing 
on  traffic  signals  at  four 
Los  Angeles  intersections 
shortly  before  a  labor  union 
strike  on  Aug.  21.  Murillo 
is  charged  with  one  count 
of  unauthorized  access  of 
a  computer  and  one  count 
of  identity  theft,  and  Patel 
faces  one  count  of  unauthor¬ 
ized  access  of  a  computer 
and  four  counts  of  unauthor¬ 
ized  disruption  or  denial  of 
computer  services. 
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File  Sharing  Leads 
To  Data  Breach 

Sources  close  to  Japan’s 
Ground  Self-Defense  Force 
told  the  Daily  Yomiuri 
newspaper  last  week  that 
between  fiscal  2002  and 
the  end  of  October  2006, 
members  of  the  GSDF 
inadvertently  exposed  infor¬ 
mation,  including  sensitive 
data,  through  the  Winny  file- 
sharing  program  27  times 
Four  other  incidents  ha 


been  reported  earffe 
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Linux  Server  Debuts 
For  HPC  Clusters 

■  Penguin  Computing  Inc.  in  San 
Francisco  last  week  released  the 
Aitus  600  Linux  server,  which  is 
designed  for  high-performance 
computing  (HPC).  It  comes 
with  one  or  two  AMD  Opteron 
2000  series  processors  and 
up  to  64GB  of  memory,  and  it 
excludes  server  features  not 
normally  needed  in  an  HPC  clus¬ 
ter  environment.  The  server  in¬ 
cludes  onboard  Gigabit  Ethernet, 
Serial  ATA  hard  drives  and  a  PCI 
Express  x16  expansion  slot  for 
high-speed  cluster  interconnects. 
Dual-processor  configurations 
start  at  a  list  price  of  $1,499  and 
run  up  to  $150,000  for  64-node 
clusters.  The  servers  use  the 
vendor’s  Scyld  clustering  soft¬ 
ware  and  the  CentOS  distribution 
of  Linux. 


Matrox  Releases 
Multimonitor  Card 

■  Matrox  Graphics  Inc.  in  Montre¬ 
al  last  week  announced  the  Dual- 
Head2Go  Digital  Edition  video 
card,  which  lets  laptop  and  desk¬ 
top  computer  users  connect  two 
side-by-side  monitors  with  digital 
outputs.  The  external  video  card 
connects  to  the  VGA  output  of 
compatible  notebook  or  desktop 
computers  and  spreads  the 
user’s  on-screen  desktop  across 
two  digital  displays.  Users  can 
work  with  multiple  full-screen 
documents  or  applications 
simultaneously,  eliminating  the 
need  to  frequently  open,  close  or 
minimize  applications,  the  vendor 
says.  The  device,  which  retails 
for  $229  and  will  be  available  by 
the  end  of  March,  includes  sup¬ 
port  for  Windows  Vista,  XP  and 
2000  as  well  as  Mac  OS  X. 


Tree  750  Operates 

On  CinguSar  30  Net 

a  Palm  Inc.  and  Cingular  Wire¬ 
less  LLC  announced  the  Treo 
750,  the  first  smart  phone  to  run 
on  Cingular’s  3G/UMTS  network 
in  the  U.S.  and  abroad.  The  new 
device,  which  began  shipping 
last  week,  runs  on  Windows  Mo¬ 
bile  5.0.  Pricing  is  $399.99  with 
a  two-year  contract  and  rebate. 


MARK  WILLOUGHBY 


Microsoft  Excels  With 
Four  Business  Models 


T’S  TOUGH  to  cheer  for  a  company  with  $46  bil¬ 
lion  in  revenue,  the  monopoly  power  to  dictate 
technology,  and  net  profit  margins  consistently 
north  of  30%.  Microsoft  doesn’t  make  friends  easily. 

Nonetheless,  Microsoft’s  risky  investments  in 


new  IT  markets  are  remark¬ 
able.  The  company  is  poised 
to  display  the  IT  industry’s 
best  technology  business 
model  execution  in  2007. 

Only  the  very  best  man¬ 
aged  companies  can  sustain 
profitability  in  two  technol¬ 
ogy  business  models.  It  takes 
a  rare  combination  of  size, 
innovation  and  talent  to  real¬ 
ize  profits  with  a  third.  And 
it’s  a  very  exclusive  club  of 
companies  that  can  launch  a 
fourth  business  model. 

But  today  Microsoft  has 
four  distinct  businesses:  li¬ 
censed  software,  gaming,  Web  services 
and  personal  music.  Microsoft  estab¬ 
lished  beachheads  in  the  third  and  fourth 
businesses  in  just  the  past  12  months. 
Achieving  profitability  in  four  business 
models  requires  considerable  innovation 
and  increases  competition. 

Shareholders  should  see  profits  from 
Microsoft’s  Xbox  gaming  system  in  2007, 
six  years  after  it  was  launched.  The  one- 
year-old  Windows  Live  —  essentially 
an  advertising-supported  Web  services 
model  —  is  trying  to  compete  with  a 
nimble  Google.  The  new  Zune,  launched 
at  the  end  of  2006,  is  clawing  its  way  into 
the  personal  music  marketplace  domi¬ 
nated  by  Apple’s  iPod. 

Many  companies  are  profitable  with 
a  single  business  model  —  Dell  and 
Google  are  marquee  examples,  and 
there  are  thousands  of  others.  Fewer  IT 
companies  have  mastered  the  scale  and 
innovation  required  to  achieve  profit¬ 
ability  with  two  business  models.  The 
iPod  contributes  to  Apple’s  bottom  line. 
And  Cisco  recently  announced  plans  to 
unbundle  its  IOS  software  and  network¬ 
ing  hardware  in  a  gambit  to  add  a  second 
business  model. 

With  the  iPhone,  Apple  is  now  hop¬ 
ing  for  success  in  three  arenas,  but  few 


|.1»MW|  r  companies  can  attempt  three 
business  models,  much  less 
attain  profitability.  IBM  and 
HP  have  managed  this  in 
licensed  software,  computing 
platforms  and  various  types 
of  IT  services.  IBM  exited 
consumer  computing  by  sell¬ 
ing  its  PC  business  to  Lenovo, 
while  HP  continues  to  invest 
in  this  highly  competitive 
fourth  business  model. 

Microsoft’s  Windows  and 
Office  cash  cows  sustain  the 
company  while  it  experi¬ 
ments  to  find  the  right  for¬ 
mula  to  succeed  in  new  high- 
growth  businesses.  Microsoft  has  earned 
a  reputation  for  tenacity,  a  critical  attri¬ 
bute  for  making  profits  with  a  new  busi¬ 
ness  model  —  perhaps  even  as  important 
as  innovation.  Wall  Street  frowns  on 
spending  cash  for  risky  ventures,  figur¬ 
ing  the  money  should  be  returned  to 
stockholders,  which  is  why  Microsoft’s 
stock  price  has  languished. 

Contrast  Microsoft’s  recent  efforts  to 
launch  risky  new  technology  business 
models  with  its  past  efforts  to  eliminate 
threats  to  its  operating  system  fran¬ 
chise.  Bundling  Media  Player  and  the 
Internet  Explorer  Web  browser  with 
Windows  were  self-serving  marketing 
moves  hailed  as  innovative  technology. 
The  results  of  this  strategy  were  further 
bloating  of  the  operating  system,  more 
security  vulnerabilities  and  an  antitrust 
lawsuit  filed  by  the  U.S.  Department  of 
Justice. 

Today  Microsoft  really  is  fostering 
competition.  Zune,  Microsoft’s  entrant 
into  the  Internet  music  business  model 
pioneered  by  Apple,  will  hemorrhage  cash 
for  the  foreseeable  future  as  the  company 
strives  to  sell  3  million  units  in  2007.  The 
upstart  Zune  competes  with  Apple’s  85% 
share  of  the  Internet  music  download 
market,  the  result  of  having  sold  67  mil¬ 


lion  iPods  and  1.5  billion  online  songs. 

To  boost  Zune’s  fortunes,  Microsoft 
is  reusing  a  connectivity  strategy  that 
helped  to  grow  the  online  gaming  mar¬ 
ketplace  and  accelerated  Xbox  sales. 
Microsoft  is  attempting  to  create  prod¬ 
uct  synergy  with  a  wireless  connection 
that  beams  songs  among  Zunes,  just 
as  Xbox’s  Live  Internet  connectivity 
boosted  online  gaming  for  Xbox  —  at  the 
expense  of  Sony,  Nintendo  and  Sega. 

Microsoft’s  Live  offering  is  challenging 
Google  in  the  Web  services  market.  Live 
targets  any  consumer  browser,  including 
Mozilla’s  Firefox.  Windows  Live  Mail 
supports  competitive  e-mail  services,  in¬ 
cluding  Google’s  Gmail. 

Experimenting  with  new  business 
models  is  evidence  of  real  change  occur¬ 
ring  on  the  Redmond  campus.  Interoper¬ 
ability  with  competitive  offerings  hasn’t 
been  a  historic  strength  of  Microsoft’s, 
to  say  the  least.  Profitability  for  Live  de¬ 
pends  on  advertising  and  subscriptions 
for  premium  services,  which  requires 
targeting  the  largest  possible  addressable 
market.  In  fact,  Microsoft’s  commitment 
to  openness  and  interoperability  for  the 
advertising-supported  business  model 
may  be  the  boldest  of  its  new  moves. 

Xbox  has  been  an  innovator  in  online 
gaming  while  creating  a  new  market¬ 
place  for  Microsoft  partners.  Xbox 
should  become  profitable  this  year  with 
around  $4.6  billion  in  sales,  climbing  to 
$7.6  billion  in  2009. 

Growth  in  revenue  generated  by  the 
original  software  business  model  should 
jump  from  11%  last  year  up  to  13%  to  15% 
in  2007  as  Vista  and  Office  upgrades 
kick  in.  But  this  older  model  is  most  at 
risk  to  competition  from  maturing  Web 
services  business  models.  And  the  agile 
enterprise  is  the  death  knell  of  Windows’ 
five-year  software  release  cycle. 

Noticeably  absent  from  Microsoft’s  as¬ 
sault  on  new  business  models  is  an  offer¬ 
ing  in  the  open-source  software  market. 
But  who  knows  —  that  may  yet  become 
a  new  business  model  for  Microsoft  if 
it  sees  dollar  signs  in  the  ecosystem  of 
open-source  software. » 
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OPTION 

Crucial  Postproject  Reviews 

Don’t  underestimate  the 
importance  of  a  well-executed 
postproject  review,  says 
Bart  Perkins.  PAGE  30 
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IT  MENTOR 

Benefits-funded  IT 

In  IT,  as  in  winemaking,  timing 
is  everything,  says  IT  Mentor 
Frank  Modruson. 
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SWIMMING  IN  THE  GLOBALTALENT  POOL 


Thriving  in  today’s  worldwide  labor  market  requires  top  skills,  creative  tactics  and  ‘relevance.’ 


WHEN  HE  WAS  a  16-year-old  student,  Jeff  Kiiza 
would  never  have  imagined  that  10  years  later  he’d 
be  writing  code  in  Perl,  PHP/MySQL  and  AJAX  for 
companies  in  the  U.S.,  Canada,  Australia  and  Spain 
—  and  that  he’d  be  doing  it  from  his  home  in  Cor¬ 
doba,  Argentina.  “Back  then,  it  would  have  been  a 
dream  or  science  fiction,”  he  says.  “But  the  avail¬ 
ability  of  greater  free-flowing  bandwidth  and  com¬ 
panies  turning  to  the  Internet  have  allowed  it. 

Hemang  Dani  is  pretty  amazed  that  in  the 


past  six  months,  he  has  boosted  his 
income  to  $5,000  per  month  by  work¬ 
ing  for  companies  in  the  U.S.,  the 
U.K.,  Germany  and  Australia.  Not 
bad,  considering  the  low  cost  of  liv¬ 
ing  in  his  home  city  of  Mumbai,  India. 
Dani’s  projects  range  from  coding 
‘shopping  carts”  and  enabling  credit- 
card  processing  on  Web  sites  to  man¬ 
aging  portals  as  a  webmaster. 

Dani  and  Kiiza  have  jumped  with 
both  feet  into  the  global  talent  pool. 

Both  worked  for  overseas  organiza¬ 
tions  even  before  they  joined 
Menlo  Park,  Calif. -based 
oDesk  Corp.’s  online  mar¬ 


ketplace,  which  links  programmers 
with  businesses  that  need  their  ser¬ 
vices.  Kiiza  coded  for  a  university  in 
Tanzania,  and  Dani  picked  up  work 
through  GetaFreelancer.com,  which 
is  owned  by  a  Swedish  company 
called  Innovate  IT. 

And  because  there  are  more  pro¬ 
grammers  like  them  every  day  in 
developing  parts  of  the  world,  IT 
professionals  in  the  U.S.  are  now 
competing  in  the  global  talent  pool  as 
well.  While  many  U.S.  companies  to¬ 
day  are  still  hiring  globally  only  when 
their  need  is  short-lived  or  skills  are 
scarce  or  too  high-priced  in  the  lo- 
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cal  or  domestic  labor  pool,  some  are 
going  global  simply  to  find  the  best 
of  the  best,  no  matter  where  they’re 
located,  according  to  Kevin  Wheeler, 
president  of  Global  Learning  Re¬ 
sources  Inc.,  a  recruiting  consulting 
firm  in  Fremont,  Calif.  “Cisco,  Micro¬ 
soft,  Google  —  these  companies  have 
clearly  taken  the  position  that  they’re 
going  where  the  talent  is,”  he  says. 

Companies  such  as  MySQL  AB 
don’t  care  where  employees  live;  they 
hire  for  raw  talent.  The  open-source 
software  maker’s  320  employees  re¬ 
side  in  25  countries,  and  70%  of  them 
work  from  home,  according  to  Steve 
Curry,  director  of  corporate  commu¬ 
nications  at  MySQL. 

Even  more-traditional  companies 
like  Henkel  Corp.,  a  consumer  prod¬ 
ucts  maker  in  Diisseldorf,  Germany, 
are  letting  the  work  flow  to  the  work¬ 
er  when  they’re  in  search  of  scarce 


talent.  For  instance,  Henkel’s  need  for 
IT  professionals  with  experience  in 
SAP’s  Advanced  Planning  and  Opti¬ 
mizer  module  prompted  the  company 
to  extend  its  talent  search  outside  of 
North  America  and  Western  Europe, 
even  though  that’s  where  the  soft¬ 
ware  is  used  the  most,  says  Amy 
Bloebaum,  vice  president  and  CIO  at 
Henkel  of  America  Inc. 

“When  we’re  looking  for  a  special¬ 
ized  skill  that’s  in  high  demand,  we’re 
very  flexible  in  terms  of  where  the 
talent  is  located,”  she  says. 

With  all  that  in  mind,  IT  profes¬ 
sionals  in  today’s  job  market  need  to 
begin  preparing  now  to  swim  among 
the  fresh  schools  of  competitors 
in  the  global  talent  pool.  “If  you’re 
45  and  plan  to  work  until  you’re  65, 
you’re  going  to  be  forced  to  embrace 
this,”  Wheeler  says. 

Keep  Current 

To  play  in  the  global  game,  you  don’t 
have  to  be  young,  but  you  do  have 
to  exude  what  technology  recruiter 
David  Hayes  calls  “relevance.”  This 
means  having  at  least  a  basic  under¬ 
standing  of  some  of  the  so-called  Web 
2.0  technologies  that  have  emerged  in 
the  past  few  years,  such  as  blogs,  wi¬ 
kis,  podcasting  and  RSS  feeds. 

“The  world  has  changed,  and  you 
can  either  change  with  it  or  get  swept 
up  by  it,”  says  Hayes,  president  of 
HireMinds  LLC  in  Cambridge,  Mass. 
“On  your  resume,  if  you  don’t  talk 
about  something  you  do  that’s  con¬ 
nected  to  one  of  these  new  spaces, 
you  won’t  even  be  considered.  So 
start  running  a  cooking  blog  or  say 
you  enjoy  podcasting  your  wife’s 
rock  band.” 

Another  key  area  to  at  least  un¬ 
derstand  and  perhaps  participate 
in  is  the  open-source  community. 


“There’s  a  belief  system  in  there,  and 
you  have  to  be  able  to  express  that,” 
Hayes  says  of  the  open-source  world. 
“If  you  want  to  know  what’s  going  on 
in  the  world,  participate  in  it.” 

Though  this  may  not  be  easy  for 
IT  veterans,  it’s  a  good  way  for  them 
to  rejuvenate  their  careers,  Wheeler 
says.  “I’ll  talk  to  an  IT  guy  with  15 
years  of  experience  who  knows  three 
or  four  different  programming  lan¬ 
guages  and  has  really  good  system 
experience.  Then  I  start  talking  about 
phishing  or  blogs  or  PHP,  and  they 
look  at  me  like,  ‘Huh?’  ”  he  says.  “I 
don’t  expect  you  to  do  that  stuff,  but 
at  least  you  should  have  heard  of  it.” 

IT  professionals  seeking  to  work 
on-site  in  a  corporate  setting  also 
need  to  hone  their  personal  market¬ 
ing  messages,  particularly  about 
how  they  bring  value  to  the  business. 
“Most  of  our  customers  want  some¬ 
one  in  their  physical  office  because 
it  requires  interaction  with  the  busi¬ 
ness  community  and  a  holistic  con¬ 
nection  to  the  business,”  says  Hayes. 

Unfortunately,  this  isn’t  what 
comes  across  in  the  bulk  of  the 
resumes  that  Bloebaum  sees.  “It’s 
very  important  for  job  candidates  to 
convey  how  they  made  a  difference 
in  their  last  job,”  she  says.  “When 
you  read  as  many  resumes  as  I  do, 
it  becomes  apparent  very  quickly 
which  ones  think  of  their  technology 
experience  in  a  business  context  [and 
which]  think  in  a  technology  context.” 

Even  IT  professionals  who  pur¬ 
sue  hot  technology  areas  such  as 
reusable  software  components, 
service-oriented  architecture  or 
wireless  applications  are  practically 
unemployable  if  they  can’t  meld  that 
knowledge  with  how  it’s  used,  says 
Diane  Morello,  an  analyst  at  Gartner 
Inc.  For  instance,  if  you  market  your- 


STOP  TREADING  WATER 

Tips  for  pulling  ahead  in  your  career  from  Gartner  analyst  Diane  Morello: 

SWIM  OR  SINK.  If  you're  planning  on  following  a  pure  technology  track,  set  a  goal  to  be  “the  most 
excellent,  the  most  adept  and  one  of  the  fastest  studies  out  there  for  moving  into  new  areas  of  tech¬ 
nology,”  Morello  says.  “If  you’re  not  continually  refining  what  you’re  doing,  you  do  lose  ground." 

PICK  THE  FAST  LANE.  Be  ruthless  about  which  industries  provide  the  most  forward-looking  op¬ 
portunities  in  your  interest  area,  and  be  realistic  about  where  the  best  job  options  lie.  “If  I  go  to  the 
IT-specific  job  boards,  70%  to  80%  of  the  jobs  are  at  service  providers,"  Morello  says. 

PRACTICE  WITH  WINNERS.  Don’t  discount  how  important  it  is  to  work  with  the  most  dynamic 
and  top-notch  people,  whether  through  electronically  mediated  forums  or  in  person.  “By  virtue  of 
working  with  them,  you’re  expanding  and  enriching  yourself,"  Morello  says. 
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HOW  TO  GET  ‘FOUND’ 


THE  GLOBAL  TALENT  POOL  is  a  larger  place  than  most  IT  profession¬ 
als  are  accustomed  to  operating  in  -  so  large,  in  fact,  that  it's  easy  to  get 
lost  in  the  depths.  It's  also  an  increasingly  virtual  place.  Recruiters,  job 
seekers  and  the  most  talented  people  in  the  technology  profession  spend 
much  of  their  time  on  the  Web. 

In  fact,  being  visible  to  potential  employers  means  that  you  need  to  be 
"findable,”  and  that  means  being  in  places  where  people  are  congregating 
today,  says  David  Hayes,  president  of  HireMinds.  “And  it's  not  at  church  on 
Sunday  morning  anymore,"  he  adds. 

“There  are  people  who  get  jobs  [easily]  who  never  even  wrote  a  rdsumd 
because  they're  not  posting  to  CareerBuilder.com  anymore.”  Hayes  says. 
"They  just  have  a  profile  on  a  social  network." 

Such  networks  include  Linkedln,  Ryze.com  and  Ecademy.  In  fact,  if 
someone  mentions  a  potential  job  candidate  to  Hayes,  the  first  thing  he 
does  is  check  for  information  on  Linkedln. 


It's  important  to  ask  yourself  what  a  hiring  manager  would  find  if  he 
searched  for  you  on  the  Web,  says  Kevin  Wheeler,  president  of  Global 
Learning  Resources  Inc.  Becoming  active  on  blogs,  podcasts  or  in 
open-source  communities  or  creating  your  own  Web  page  are  all  ways  to 
become  more  easily  found. 

“If  you  don't  have  a  blog  or  a  Web  site  and  you  never  made  a  public 
speech  or  aren't  part  of  a  volunteer  group  or  committee,  there  won't  be  any¬ 
thing  out  there,  so  you  have  to  build  a  presence  for  yourself,”  Wheeler  says. 

Another  tactic  is  to  “search-optimize”  your  rdsumd  by  including  a  key¬ 
word  section  on  it  where  you  can  list  relevant  terms  such  as  the  industries 
you've  worked  in  and  the  technologies  you're  able  to  apply,  Hayes  sug¬ 
gests.  “You're  spoon-feeding  them  the  words  they’ll  be  searching  for,"  he 
explains.  “It  makes  you  findable,  and  it  also  shows  you're  connected,  since 
search  engines  are  a  giant  part  of  the  employment  process," 

-  MARYBRANDEL 


self  as  an  expert  in  reusable  software 
you  also  have  to  convey  your  abil¬ 
ity  to  synthesize  information  about 
business  processes  and  translate 
that  into  software  modules,  she  says. 
“You  need  to  take  a  larger  view  than 
your  own  specific  job  —  whether  it’s 
a  global  view,  an  industry  view  or  a 
process  view,”  Morello  says. 

This,  says  Wheeler,  is  how  IT 
professionals  can  show  what  he 
calls  “charisma.”  “So  many  people 
who  have  IT  skills  are  technicians 
—  competent  executors  of  things  like 
writing  code,”  he  says.  “But  when 
you  talk  to  recruiters  and  hir¬ 
ing  managers,  they  want  an  IT 
person  who’s  skilled  but  has 
some  edge  —  some  moxie  or  an 
understanding  beyond  just  being 
a  technician.” 

Tables  Turned 

And  U.S.  companies  are  not  the 
only  ones  looking  for  these  in¬ 
tangible  traits.  Indian  firms  such 
as  Wipro  Ltd.,  Tata  Consultancy 
Services  Ltd.  and  Infosys  Tech¬ 
nologies  Ltd.  are  recruiting  workers 
overseas,  including  in  the  U.S.  At  In¬ 
fosys,  for  instance,  the  Global  Talent 
Program  looks  for  graduates  from 
top  U.S.  universities  for  software  en¬ 
gineering  positions. 

A  key  characteristic  that  Infosys 
seeks  in  candidates,  according  to 
Bikramjit  Maitra,  vice  president  of 
human  resource  development  at  the 
company,  is  “learnability.” 

“We  take  people  for  their  ability  to 
learn,  not  just  for  the  specific  knowl¬ 
edge  they  have,”  he  says. 

So  far,  126  U.S.  citizens  have  been 
hired  to  undergo  such  training  in  In¬ 


dia.  One  of  these  is  24-year-old  Matt 
Sorge,  a  mechanical  engineering 
graduate  of  MIT. 

“In  the  interview,  I  spoke  a  lot 
about  the  fact  that  I  worked  at  two 
to  three  jobs  that  were  fast-changing 
and  dynamic  and  that  I  had  to  learn 
on  the  spot  to  contribute  to  the  com¬ 
mon  goal  each  day,”  he  says.  “They 
were  looking  for  that  type  of  individ¬ 
ual  because  information  technology 
is  changing  every  day,  and  they  don’t 
need  people  who  are  stagnant.” 

It’s  a  trait  that  Sorge  notices  not 
only  among  the  software  engineers 


he  meets  in  India  but  also  in  many 
employees,  from  the  instructors  at 
Infosys  to  the  maintenance  people  in 
the  hotel  he  stays  in.  “Everybody  here 
is  extremely  motivated  and  willing  to 
be  here  until  the  job  is  done,”  he  says. 

Sorge’s  time  in  India  will  also  help 
him  as  employers  increasingly  look  for 
candidates  with  multicultural  experi¬ 
ence  and  the  ability  to  work  on  global 
teams.  “I’m  not  saying  we  won’t  hire 
people  with  experience  in  [just]  one 
business,  one  function  or  one  coun¬ 
try,”  Bloebaum  says,  “but  it’s  quite 
important  for  people  who  come  from 
a  variety  of  skills  and  backgrounds  to 


make  up  the  IT  organization.” 

The  preferred  candidate  is  willing 
to  work  within  a  global  model,  says 
John  Dubiel,  who  was  recently  hired 
to  be  a  U.S.-based  practice  director 
at  Tata  Consultancy  Services  North 
America.  “Employers  want  people 
who  understand  different  work  mod¬ 
els,  like  offshore  models,  or  where 
your  team  is  in  multiple  geographic 
locations  outside  the  U.S.,”  he  says. 

It  also  includes  having  an  open 
mind  about  your  source  of  employ¬ 
ment.  “People  in  the  U.K.  and  Europe 
are  much  more  accustomed  to  work¬ 
ing  for  multinationals  [with  overseas 
headquarters]  than  Americans  are,” 
Morello  says.  “It’s  a  difference  be¬ 
tween  parochial  thinking  and  global 
thinking  —  that  global  doesn’t  neces¬ 
sarily  mean  Western." 

Dubiel  says  a  company’s  location 
will  matter  even  less  over  the  next 
five  years.  “Pretty  soon,  the  issue  of 
whether  I  work  for  a  U.S.  or  Indian 
company  will  be  irrelevant,”  he  says. 
“All  these  companies  that  offer  ser¬ 
vices  are  pretty  much  the  same;  only 
the  headquarters  will  change.” 

When  that  happens,  it  will  become 
more  important  than  ever  for  IT 
professionals  to  grab  hold  of  their  ca¬ 
reers  and  start  steering  them. 

“Many  people  sleepwalk  through 
their  careers,”  Morello  says,  “but 
even  older  programmers  can  expand 
themselves  to  look  at  other  aspects  of 
knowledge  they  possess  and  make  it 
part  of  the  living,  breathing  experi¬ 
ence  they  offer  to  a  company.”  » 

Brandel  is  a  Computerworld 
contributing  writer.  Contact  her  at 
marybrandel@verizon.  net. 


When  were 
looking  for  a 
specialized 
skill  that  sin 
high  demand, 
were  very 
flexible  in  terms 
of  where  the 
talent  is  located. 


AMY  BLOEBAUM,  VICE  PRESIDENT  AND  CIO, 
HENKEL  OF  AMERICA  INC. 
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In  IT  investments,  as  in  winemaking, 
timing  is  everything.  By  Frank  Modruson 


IOs  AND  wine  connoisseurs 
(like  me,  many  of  you  may 
be  both)  can  appreciate  the 
power  of  timing.  In  wine 
and  IT,  timing  often  makes 
the  difference  between 
technical  and  financial  suc¬ 
cess  and  unmitigated  failure. 

In  winemaking,  the  amount 
of  time  grapes  are  permitted 
to  get  sun  on  the  vine  before  harvest 
—  often  called  their  “hang  time”  by 
vintners  —  is  a  hot  topic.  Pick  the 
grapes  too  soon,  and  they  may  not  be 
ripe  enough  to  produce  a  top-shelf 


wine.  Pick  them  too  late,  and  you  risk 
pressing  “dead  fruit”  —  producing 
wine  whose  flavor  is  too  strong.  The 
same  goes  for  IT  investments,  where 
timing  can  have  an  outsized  impact  on 
a  project’s  results. 

My  company  has  a  vari¬ 
ety  of  ways  to  fund  IT  proj¬ 
ects,  but  they  all  get  a  good 
jump-start  by  having  solid 
business  cases  with  well-defined  value 
propositions,  including  defined  costs 
and  benefits.  These  business  cases 
then  flow  through  our  IT  governance 
process. 


Unlike  wine  consumers,  who  must 
rely  solely  on  the  vineyards  to  make 
the  right  decisions,  our  customers  (our 
business  sponsors)  are  involved  early, 
way  before  the  stomping  of  grapes.  Our 
IT  steering  committee  (ITSC),  which 
comprises  the  chief  operating  officers 
of  our  businesses,  evaluates  business 
cases  for  every  major  IT  project. 

Within  that  framework,  here  are  our 
three  approaches  to  IT  investments: 

Corporate-funded.  If  the  IT  organiza¬ 
tion  or  a  business  sponsor  proposes  a 
technology  investment  for  the  good 
of  the  entire  company  —  such  as  our 
ERP  transformation  project  —  the 
company  makes  the  investment.  The 
ITSC  prioritizes  these  “greater  good” 
business  cases  and  determines  which 
get  funded. 

Customer-funded.  When  the  initiative 
benefits  a  single  corporate  organiza¬ 
tion,  business  function  or  location  (i.e., 
it’s  not  a  global  IT  capability),  that 
entity  funds  it.  This  approach  is  also 
used  when  the  ITSC  believes  a  project 
is  a  good  idea  but  not  a  high  enough 
priority  to  fund.  If  the  business  spon¬ 
sor  feels  that  the  project  is  important 
enough,  he  can  fund  it  with  his  own 
operating  budget. 

The  ITSC  still  reviews  and  approves 
customer-funded  projects  to  ensure 
that  the  work  is  aligned  with  our  busi¬ 
ness  and  IT  strategy  and  adheres  to  our 
IT  architecture  and  standards.  Some 
examples  of  customer-funded  initia¬ 
tives  include  payroll  systems  deployed 
at  the  country  level,  and  specific  en¬ 
hancements  to  our  sales  management 
system  that  are  funded  by  the  sales 
groups. 

Benefits-funded.  Some  business  cases 
are  so  compelling  that  it’s  clear  the 
projects  will  affect  the  company  im¬ 
mediately.  These  will  be  funded  within 
the  current  fiscal  year  by  the  benefits 
realized.  This  is  where  timing  is  cru¬ 
cial.  Very  granular  assessments  and 
benefits  analyses  help  assure  us  that 
these  projects  will  absolutely  deliver 
on  their  promises  in  the  current  fis¬ 
cal  year.  For  that  reason,  we  typically 
pitch  projects  that  qualify  as  benefits- 
funded  early  in  the  year.  The  organiza¬ 
tion  receiving  the  benefits  funds  the 
project,  which  is  then  paid  for  by  in¬ 
year  benefits  accrued  (i.e.,  by  reducing 
expenses). 

Of  all  the  ways  we  invest  in  IT, 
our  first  choice  is  benefits-funded. 

If  we  need  $1  million  to  build  or  buy 
something,  but  doing  so  will  generate 
$3  million  in  benefits  during  the  cur¬ 
rent  fiscal  year,  then  that  project  is  ripe 
for  the  picking.  We  get  a  $2  million  re¬ 
turn,  and  the  project  pays  for  itself. 


One  such  project  is  our  new  person¬ 
nel  scheduling  application.  This  system 
was  developed  within  one  fiscal  year.  It 
reduces  the  time  needed  to  staff  assign¬ 
ments  by  68%  and  lowers  related  costs 
by  50%  while  also  improving  our  abil¬ 
ity  to  match  skills  with  open  positions 
—  all  of  which  provides  a  competitive 
advantage  to  our  firm.  Most  important 
in  this  context,  enough  of  those  ben¬ 
efits  were  realized  in  the  year  the  proj¬ 
ect  was  funded  to  pay  for  its  costs. 

CIOs  who  leverage  benefits-funded 
IT  will  reap  great  rewards,  but  you 
must  choose  the  project  carefully,  ex¬ 
ecute  it  at  precisely  the  right  time  and 
fully  commit  the  resources  to  develop 
and  deploy  the  project.  * 


Modruson  is  CIO  at  Accenture  Ltd. 
Contact  him  at frank.b.modruson@ 
accenture.com. 


The  Challenges 


If  you  embark  upon  a  benefits-funded 
approach  to  IT  investments,  there  are 
several  areas  where  you  might  encounter 
challenges: 

Who  benefits?  Benefits  will  sometimes 
accrue  to  an  organization  other  than 
that  of  the  business  sponsor.  Take  a 
procurement  system,  for  example.  The 
procurement  organization  doesn’t  man¬ 
age  the  budget  for  the  actual  cost  of  the 
items  that  are  procured;  that’s  spreaflut 
among  the  organizations  that  purchase 
the  items.  However,  a  procurement  sys¬ 
tem  can  have  a  tremendous  payback  by 
centralizing  purchasing  operations,  and 
that  benefits  all  buyers  throughout  the 
company,  regardless  of  their  organiza¬ 
tion.  Thus,  if  the  project  is  to  be  benefits- 
funded,  the  business  sponsor  (procure¬ 
ment)  needs  to  obtain  funding  from  the 
organization(s)  receiving  the  benefit. 

When  do  we  start?  Be  sensitive  to 
when  the  project  will  start.  Benefits- 
funded  IT  projects  must  be  completed 
within  the  fiscal  year,  so  leave  enough 
time  from  start  to  finish.  Typically, 
benefits-funded  IT  initiatives  are  started 
early  in  the  fiscal  year. 

Says  who?  Engage  the  finance  team  to 
ensure  that  the  benefits  are  realized  and 
validated.  To  be  sure  that  the  project  will 
be  truly  benefits-funded,  finance  should 
also  reduce  the  annual  budget  of  the 
organization  that  will  receive  the  benefits 
and  increase  the  budget  of  the  group 
incurring  the  cost. 

-FRANK  MODRUSON 
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Relentlessly  Practical 

Delivering  a  data  warehouse  and  business  intelligence  system 
is  technically  difficult  and  politically  challenging.  Get  it  right! 

Learn  Kimball's 
Dimensional  DW/BI  Methods 

Attend  our  classes  and  read  our  bestselling  Toolkit  books 


The  Data  Warehouse 

Data  Warehouse 
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Dimensional  Modeling  in  Depth 
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Growth  and 
Innovation 

Jan.  30-31,  New  York 

Sponsor:  The  Conference  Board  Inc. 
Thriving  on  Challenge:  The  Growth 
and  Innovation  Conference  includes 
presentations  on  topics  such  as  the 
strategy  paradox,  talent  acquisition 
and  development,  building  alliances, 
using  customers  in  the  innovation 
process,  eliminating  barriers  to  in¬ 
novation,  learning  from  your  mistakes 
and  focusing  your  resources. 
www.conference-board.org 


Outsourcing 

Feb.  19-21,  Las  Vegas 
Sponsor:  International  Association  of 
Outsourcing  Professionals 
The  2007  Outsourcing  World  Sum¬ 
mit  includes  presentations  on  topics 
such  as  designing,  leading  and  man¬ 
aging  outsourcing  initiatives;  contrac¬ 
tual  and  legal  issues:  renegotiations; 
managing  the  global  services  portfo¬ 
lio;  and  top  functions  and  industries 
for  outsourcing. 

www.outsourcingprofessional.org 


Business  Process 
Management 

Feb.  26-28,  San  Diego 

Sponsor:  Gartner  Inc. 

The  Gartner  Business  Process  Man¬ 
agement  Summit  comprises  tracks 
on  creating  business  alignment, 
embracing  the  new  process-centric 
organization  and  deploying  core  BPM 
technology.  Topics  include  crafting 
a  process  vision,  new  roles  and 
competencies,  process  modeling  for 
profit,  whether  IT  should  drive  proc¬ 
ess  improvement  and  establishing 
process  governance. 
www.gartner.com/events 


Lean  and  Six  Sigma 

Feb.  28-March  1,  Orlando 

Sponsor:  ISO  9000 
The  2007  International  Lean  and 
Six  Sigma  Conference  includes 
presentations  and  case  studies 
on  fast  innovation,  value-focused 
thinking,  continuous  improvement, 
employee  involvement,  identifying 
waste,  nonlinear  thinking,  leading  in  a 
lean  environment,  lean  maintenance, 
risk  analysis,  and  applications  in  the 
public  sector  and  small  and  medium- 
size  organizations. 
www.iso9000conference.com 


BART  PERKINS 


Postproject  Reviews: 
They’re  Crucial 


NEARLY  every  major  systems  implementa¬ 
tion  methodology  includes  some  type  of 
postproject  review.  A  PPR  provides  an 
opportunity  to  review  a  completed  proj¬ 
ect’s  strengths  and  weaknesses  as  well  as 
propose  improvements  for  future  projects. 

A  PPR  should  be  undertaken  for  every  large  project, 


especially  unsuccessful  ones. 

Outsourced  projects  particu¬ 
larly  benefit  from  the  struc¬ 
tured  analysis  and  communi¬ 
cation  required  by  a  review. 

Changes  in  your  IT  orga¬ 
nization,  like  changes  in  your 
life,  require  time  for  reflec¬ 
tion.  A  PPR  is  an  opportunity 
to  learn  from  past  mistakes 
and  successes  and  to  improve 
project  development  prac¬ 
tices.  Unfortunately,  such 
reviews  are  frequently  per¬ 
functory  or  skipped  entirely. 

Major  companies  perform 
comprehensive  reviews  on 
less  than  20%  of  their  large 
projects,  according  to  Stuart 
Orr  at  Vision  2  Execution. 

Objections  to  PPRs  are  myriad.  Many 
IT  organizations  find  it  difficult  to  get 
project  staffers  to  focus  on  PPRs,  which 
are  often  viewed  as  time-consuming 
overhead.  Because  of  resource  shortages, 
key  project  members  are  frequently  reas¬ 
signed  to  other  projects  before  a  review 
is  conducted.  In  addition,  reviews  of 
projects  that  were  plagued  by  political 
problems  or  contentious  disagreements 
can  reopen  old  wounds. 

Despite  these  objections,  comprehen¬ 
sive  project  reviews  are  worth  doing 
because  they  provide  significant  benefits. 
For  example,  they  help  IT  organizations 
do  the  following: 

■  Reassess  business  benefits.  Most  IT 
projects  are  part  of  a  business  program. 
While  the  benefits  of  the  overall  program 
may  not  be  known  for  several  years,  the 
PPR  provides  an  opportunity  to  assess 
whether  the  projected  business  benefits 
(from  both  the  project  and  the  overall 
program)  will  be  realized.  Use  the  re¬ 


view  to  reset  management 
expectations  if  necessary. 

■  Improve  estimation  accuracy. 
The  PPR  provides  an  oppor¬ 
tunity  to  compare  the  origi¬ 
nal  (and  revised)  estimates 
with  the  actual  time  and 
resources  consumed.  The 
objective  is  to  make  future 
estimates  more  accurate,  not 
to  criticize. 

Most  large  organizations 
have  progressed  from  “back 
of  the  envelope”  estimates 
to  more  rigorous  bottom-up 
estimates  based  on  interfaces, 
screens,  data  fields  and  other 
tools.  But  even  sophisticated 
estimating  tools  must  be 
frequently  recalibrated  based  on  your 
organization’s  actual  project  experience. 
Use  the  PPR  to  do  this. 

■  Evaluate  what  went  well.  The  PPR  is  an 
opportunity  to  evaluate  the  effectiveness 
of  project  management  methodology, 
executive  sponsor  participation,  risk 
mitigation  and  political  support.  Use  it  to 
determine  how  each  can  be  better  lever¬ 
aged  on  future  projects. 

■  Identify  areas  for  improvement.  PPRs 
help  minimize  problems  on  future  proj¬ 
ects.  Every  project  encounters  some 
problems,  such  as  unexpected  function¬ 
ality  changes,  missed  deadlines,  technol¬ 
ogy  snafus  and  marketplace  changes. 

Use  the  PPR  to  evaluate  the  project 
team’s  effectiveness  at  identifying,  re¬ 
sponding  to  and  resolving  problems. 

Also  assess  the  success  of  the  adopted 
solutions.  To  improve  future  planning, 
review  the  original  project  documents  to 
determine  whether  the  problems  actu¬ 
ally  encountered  were  initially  identified 
as  risks.  Anticipated  problems  are  much 


BART  PERKINS  is  manag¬ 
ing  partner  at  Louisville, 


Ky.-based  Leverage  Partners 
Inc.,  which  helps  organiza¬ 
tions  invest  well  in  IT.  Contact 

him  at  BartPerkins@ 
LeveragePartners.com. 


easier  to  address  than  unexpected  ones. 
Finally,  brainstorm  about  what  could  be 
improved  on  future  projects  to  prevent 
similar  problems. 

■  Capture  and  encapsulate  project  experi¬ 
ence.  Project  history  tends  to  get  rewrit¬ 
ten  or  forgotten  altogether  if  it  is  not 
captured  in  a  reasonable  amount  of  time. 
Written  records  ensure  that  the  lessons 
learned  —  sometimes  painfully  —  don’t 
get  lost.  In  addition,  PPR  records  may 
be  invaluable  in  future  negotiations  or 
during  litigation  related  to  contentious 
projects. 

■  Get  management  support.  A  PPR  is  an 
opportunity  for  management  to  listen 
and  learn  from  team  members’  experi¬ 
ences.  Reviews  often  uncover  ways  to 
improve  your  organization  for  future 
projects.  If  management  fails  to  act  on 
changes  proposed  through  the  PPR 
process,  however,  staffers  will  become 
cynical. 

Use  the  review  to  get  management’s 
commitment  for  the  improvements  and 
to  hold  management  accountable  for 
implementing  the  changes. 

■  Acknowledge  contributions.  Use  the  PPR 
to  publicly  identify  heroic  efforts  and 
thank  all  team  members  for  their  contri¬ 
butions  to  the  project. 

Although  PPRs  take  time  and  effort, 
the  insights  gained  can  be  invaluable  to 
IT  efforts  to  improve  project  delivery 
capability.  A  comprehensive  PPR  is  an 
opportunity  to  leverage  the  lessons  from 
past  projects  into  improvements  that  will 
enhance  the  planning,  delivery  and  suc¬ 
cess  of  future  projects. 

Most  IT  organizations  recognize  that 
comprehensive  postproject  reviews  pro¬ 
vide  valuable  information  and  develop 
suggestions  for  improvement. 

Properly  undertaken,  the  PPR  provides 
an  opportunity  for  team  members  to 
reflect  and  report  on  their  experiences  in 
a  way  that  helps  the  organization  learn 
constructive  lessons.  Without  feedback, 
few  organizations  are  fully  aware  of  their 
potential  to  improve.  Capitalize  on  past 
experience;  you  have  already  paid  for  it! » 

WANT  OUR  OPINION? 

OFor  more  columns  and  links  to  our  archives  go  to: 

www.computerworld.com/columns 


Witness  network  history. 


Use  the  past  to  solve  the  present. 

For  a  trusted  approach  to  problem  resolution  rely  on  the  Network  Instruments®  GigaStor™  appliance. 
Everything  is  recorded — every  packet,  every  protocol,  every  transaction  for  hours,  days,  even  weeks. 
The  unique  GigaStor  interface  provides  an  effective  way  to  go  back  in  time  to  determine  not  only 
when  the  application  went  down  but  why. 


Resolve  intermittent  problems,  track  compliance  efforts,  isolate  VoIP  quality  issues,  and  more  on  the 
most  complex  WAN,  Gigabit,  and  10  GbE  networks.  Find  out  how  you  can  go  back  in  time  with  the 
GigaStor.  After  all,  those  who  fail  to  study  history  are  doomed  to  repeat  it. 


GigaStor:  Get  proof.  Take  action.  Move  forward. 
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©  2007  Network  Instruments,  LLC.  All  rights  reserved.  Network  Instruments,  GigaStor,  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 
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is  your  email 

fax  enabled? 
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faxing  simplified,  anytime,  anywhere. 
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Cal!  for  information: 


Test  drive  it  here: 

►-722-5258  myfax.com/assessl 


Server  Room 
Climate  &  P°WER 
Monitoring 


ent 


Howto  Protect 

rjssrsss-0-*- 


climate 

worries? 

Get  our 
free  book. 


E-mail  FreeBook@ITWatchDogs.com  with  your  mailing  address 
or  call  us  at  512-257-1462. 


Personal  Edition.  Solutions  for 
organizations  also  available. 


Act  now  to  receive  a 

10%  discount 


Available  for  30  languages,  including  Spanish,  French,  German.  Italian,  Japanese  and  English. 


1-800-399-6162 

Use  promotional  code  cws017  when  ordering. 


RosettaStone.com/cws017 


Level  1  -$495-  NOW  $1 75.50 
Level  2  -$925-  NOW  $202.50 
Best  Value! 

Level  1&2  $999-  NOW  *296.10 


RosettaStone 


Language  Learning 


Success 


The  fastest  way  to  learn  a  language.  Guaranteed^ 


He  was  a  hardworking  farm  boy. 


She  was  an  Italian  supermodel. 


He  knew  he  would  have  just 
one  chance  to  impress  her. 


C  *  ;  \ 

Rosetta  Stone?  The  fastest  and 
easiest  way  to  learn  ITALIAN  . 


Learn  a  language.  Expand  your  world.  Finally,  there’s  a  way  to  learn  a  new  language  that’s  easier 
than  you  could  ever  imagine.  Rosetta  Stone  interactive  software  teaches  you  any  of  30  languages,  all  without 
translation,  memorization,  or  grammar  drills.  Our  Dynamic  Immersion  method  uses  a  combination  of  images 
and  words  in  a  step-by-step  process  that  successfully  replicates  the  experience  of  learning  your  first  language. 
It’s  so  effective  that  NASA,  the  U.S.  State  Department,  and  a  variety  of  Fortune  500®  executives  have  made  it 
their  language  tool  of  choice.  That’s  also  why  we  can  back  it  with  a  6-month  money-back  guarantee. 


Dynamic  Immersion”  teaches  you  to: 


-») 

'  i ' 

□ 


SPEAK:  Evaluate  your  pronunciation 
through  speech  recognition, 

LISTEN:  Hear  the  language  spoken  by 
native  speakers. 

READ:  Words  and  images  used  together 
increase  understanding. 

WRITE:  Practice  writing  the  new  language 
and  receive  immediate  feedback. 


irector 


Enterprise  Development 


I  This  senior  leadership  role  is  accountable  and  respon¬ 
sible  for  the  design,  construction  and  maintenance  of 
all  business  application  systems  for  Paychex.  You  will 
manage  a  250+  employee  organization  at  our  offices  in 
Rochester,  NY  -  a  multi-million  dollar  responsibility! 

Requires  Bachelor’s  degree  in  Business  or  Information 
Systems  and  1 5+  years  of  experience  in  the  comput¬ 
er  field  to  include  10+  years  developing  business 
application  systems  solutions  and  7+  years  manageri¬ 
al  experience  of  increasing  responsibility. 

Relocation  assistance  is  available.  This  position 
offers  executive  level  multifaceted  compensation  and  a 
comprehensive  benefit  package.  Please  apply 
online  at  www.paychex.apply2jobs.com 
referencing  C0RP3892.  EOE. 

PAYCHEX 


IT  consulting  firm  located  in 
Schaumburg.  IL  has  multiple 
openings  for  IT  professionals  to 
serve  multiple  clients  throughout 
the  U.S.  Job  duties  include: 
Analysis,  design,  development 
and  testing  of  computer  applica¬ 
tions.  Specific  skill  sets  needed 
include: 

•.Net  developers  JO-OIO 

•  J2EE  developers  JO-020 

•  Data  warehousing  developers 
JO-030 

•  Oracle  Developers/DBA 
JO-040 

•  Siebel  Developers  JO-050 

•  Quality  Assurance  Analysts 
JO-060 

•  Systems  Administrators  JO-070 

•  ERP  Consultants  JO-080 

Positions  require  either  a  B.S. 
degree  in  a  related  field  and  1-2 
yrs.  of  exp.  w/specific  skill  sets. 
Some  entry  level  positions  are 
available  &  require  a  M  S 
degree  &  related  coursework  or 
exp.  Some  senior  level  posi¬ 
tions  are  also  available  &  require 
5  yrs.  of  progressive  exp. 
Competitive  salaries.  Must  be 
willing  to  travel/relocate.  Send 
resume  to:  jobs@scalarusa.com. 
Refer  to  specific  JO#  for  consid¬ 
eration.  Applicants  must  have 
authority  to  work  permanently  in 
the  U.S. 


Developers  (Application 

Developers,  Sr.),  multiple  open¬ 
ings.  Analyze,  design,  develop, 
test,  &  maintain  pension  applica¬ 
tion  systems  for  State  of  Indiana 
Retirement  Systems.  M.S.  in 
Engineering,  Computer  Science, 
or  Computer  Applications  req'd. 
Exp.  must  include:  object  orient¬ 
ed  application  analysis;  relational 
database  or  database  manage¬ 
ment  systems,  database  design, 
&  distributed  databases;  applica¬ 
tion  development;  C  program¬ 
ming  languages;  SQL,  HTML, 
XML,  JDBC,  JSP,  J2EE,  Tomcat, 
Servlets,  stored  procedures,  and 
DHTML.  One  addt'l  position  req’s 
exp.  with  Forte  client  server  appli¬ 
cations.  Another  position  req’s 
B.S.,  2  yrs  exp.  in  soft,  develop., 
&  exp.  migrating  code  to  Java 
environment.  Must  have  perma¬ 
nent  U.S.  employ,  auth.  Addt’l 
details  avail,  upon  request.  Mail 
resume  to  HR,  State  of  Indiana, 
Indiana  Office  of  Technology,  Ind. 
Govt.  Cntr  N..  100  North  Senate 
Ave.,  Indianapolis,  IN  46204. 


Citadel  Investment  Group  is 
seeking  a  Front  Office  Senior 
Developer  in  Chicago,  Illinois 
Primary  duties  to  include  support¬ 
ing  existing  applications  and 
servers  for  Citadel's  worldwide 
trading  desks  and  being  respon¬ 
sible  for  design,  implementation, 
testing,  deployment,  and  support 
of  new  applications  and  new  fea¬ 
tures  for  existing  applications 
using  custom  &  common  libraries 
and  methods.  Requirements 
include  a  Bachelor's  degree  in 
Computer  Science  or  related 
field,  and  5  years  of  relevant  work 
experience,  including  3  years  in 
the  financial  industry  with  a  solid 
understanding  of  the  financial 
markets,  trading  systems,  and 
real-time  industry  application 
trends.  Must  have  work  experi¬ 
ence  with  multithreading,  multi¬ 
cast.  client-server,  object-orient¬ 
ed  design,  memory  management, 
and  GUI  development,  mentoring 
junior  staff,  and  communicating 
with  front-office  users  and  other 
development  teams.  Qualified 
candidates  should  submit  a  cover 
letter  and  resume,  job  reference 
R-0057,  to: 

itjobs0057@citadelgroup.com. 
Principals  only  need  apply 


Place  Your 
Labor  Certification 
Ads  Here 

For  more  details, 
contact  us  at: 

800.762.2977 


With  35  branch  offices  located 
across  the  US.  COMSYS  is 
actively  recruiting  for  the  follow¬ 
ing  positions. 

Programmer  Analyst-  metro 
Northbrook,  IL-  Code  #NO120 
Programmer  Analyst  -  metro 
Plano,  TX-  Code  #  PL  130 
Programmer  Analyst-  metro 
Cedar  Rapids.  IA  -  Code  # 
CR100 

Programmer  Analyst-  metro 
Richmond,  VA-  Code  #  RI150 
Business  Systems  Analyst- 
metro  Owings  Mills,  MD  -  Code  # 
OM110 

Roving  employment  to  varying 
jobsites  throughout  the  US. 
Please  refer  to  appropriate  job 
code  when  submitting  resume  to: 
COMSYS,  Attn.  Nancy  Theriault, 
15455  N.  Dallas  Pkwy.,  Ste  300, 
Addison,  TX  75001. 
EOE./MF/DV 


Thomson,  Inc.  is  seeking  a  quali¬ 
fied  Research  Engineer,  Member 
of  Technical  Staff  for  its  Princeton, 
NJ  location  to  design  and  develop 
multimedia  networking  applica¬ 
tions.  modules,  and  protocols. 
Must  have  a  Master  s  degree  or 
equivalent  in  Computer  Science 
or  related  field  plus  one  year  of 
experience  in  the  related  occupa¬ 
tion  of  software  development  and 
socket  programming.  Experience 
may  have  been  gained  prior  to 
completion  of  Master  s  degree 
Salary  DOE.  Send  cover  letter 
and  resume  to  Thomson,  Inc., 
Attn:  HR  -  Job  #  9028,  10330 
North  Meridian  Street, 
Indianapolis.  IN  46290-1976 


IT  Manager  needed  to  dev 
&  impl  strategic  plan  for 
info  &  comm,  tech,  bud¬ 
gets,  system  acquisitions, 
negotiate  contracts,  man¬ 
age  LAN  &  system  securi¬ 
ty,  dvlp  promos.  Mail 
resume  to;  J&J 
Distributing,  Attn:  J. 
Hannigan,  653  Rice  St,  St. 
Paul.  MN  55103. 


Senior  Business  Applications 
Executive.  Wilton.  CT 
Analyze  business  processes, 
user  requirements  to 
design/develop  applications 
for  data  management  using 
Weblogic,  J2EE,  JAVA.  JSP. 
Servlets,  EJB,  JavaScript, 
Oracle  in  multiplatform  envi¬ 
ronment.  Work  with  team  of  4 
programmer  analysts  to 
enhance/fine  tune  systems. 
Test,  troubleshoot,  maintain 
existing  applications.  Reply 
to.  Allegient  Systems,  Inc.,  15 
River  Road.  Suite  300  Wilton, 
CT  06897 


Computer  Systems  Analyst 
to  analyze,  design  and 
develop  computer  and  web- 
based  systems  to  create 
business  software  solu¬ 
tions,  utilizing  Java/J2EE. 
Requires  Bachelor’s  or 
equivalent-level  degree  in 
Computer  Science, 

Engineering,  Mathematics 
or  closely  related  field,  and 
2  years  experience  in  all 
phases  of  J2EE  develop¬ 
ment.  Send  resume  to 
Cindy  Parrish,  Sigma- 
Aldrich  Corporation,  3050 
Spruce  Street,  St.  Louis, 
MO  63103.  EOE. 


Software  Engineer  w/Masters  in 
Comp  Sci  or  Engr  or  Math  &  1  yr 
exp  to  research,  design,  dev.  & 
test  computer  s/ware  systems. 
Analyze  s/ware  requirements. 
Formulate  &  design  s/ware  sys¬ 
tem  using  scientific  analysis  & 
mathematical  models.  Use 
HTML,  JavaScript,  PHP  and 
AJAX  for  browser  based  applic. 
&  Microsoft.Net  technologies  for 
client  server  applic.  on  Oracle  & 
MySQL  databases.  Mail  res  to: 
ASR  International  Corp.,  315 
Oser  Ave,  Hauppauge,  NY 
11788  Job  Loc:  Hauppauge,  NY 


Computer  System  Analyst 
Chromalox  is  the  global  leader  in 
electrical  heating  and  control 
components. 

Job  Summary: 

•  Analyze,  design,  develop,  test 
and  implement  JD  Edwards 
World  and  One  World  System  in 
the  distribution,  manufacturing 
and  financial  domain 

•  Expertise  in  the  Cognos  8  and  the 
SQL  server  database  is  also  a  must. 
Bachelors  degree  in  Business, 
Computer  Science  or  Information 
Systems  or  equivalent  and  5 
years  experience  required 
Please  e-mail  your  resume  to 
employment@Chromalox.com 
and  reference  job  code:  PA-SA-PB 


WebFeat,  Inc.,  located  in 
Ojai,  CA,  seeks  a  Software 
Engineer  for  their  location  in 
Arlington,  TX.  The  position 
requires  a  Masters  Degree  in 
Computer  Science  and  1 
year  experience  in 
Engineering  &  Technology, 
Technology  Design,  and 
Programming.  Mail  your 
resumes  to  Marge  Ehmann, 
Office  Manager  at  212  Del 
Norte  Rd..  Ojai,  CA  93023  or 
fax  resumes  to  516-908- 
4311.  Attn  :  Marge  Ehmann 
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Sr.  Cisco  Engineer 
needed  in  NJ,  MO  & 
other  client  sites  to 
plan,  configure  & 
implmt  data  center 
n/work  infrastructure. 
Must  be  CCNP.  Mail 
resume  to:  Global 
Consultants,  Attn: 
Hireme,  25  Airport  Rd, 
Morristown,  NJ  07960. 


Director  IS.  Project  Management 
Manage  core  elements  of  com¬ 
pany’s  System  Pharmacology 
workflows  and  overall  sample/ 
data  stream  as  it  relates  to  part¬ 
ners  and  internal  groups.  Direct, 
lead  and  mentor  personnel  in 
the  Information  Systems  group. 
Must  have  BS  or  foreign  equiv  in 
Comp  Sci  plus  5  yrs  progressive 
exp  in  software  project  manage¬ 
ment.  Send  resume  to  Stacie 
Rader,  VP,  Human  Resources, 
BG  Medicine,  610  North  Lincoln 
Street,  Waltham,  MA  02451 
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Law  Firms 
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IT  Consultants 
Staffing 
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here! 


Are  you 
frequently 
placing  legal  or 
immigration 
advertisements? 

Let  us 
help  you 
put  together 
a  cost  effective 
program  that 
will  make  this 
time-consuming 
task  a  little 
easier. 


COMPUTERWORLD 

Contact  us  at: 

it  careers 

800.762.2977 


Are 

you 

seeking 

IT 

Talent? 


Gfmputerworld 
IT  Careers 
provides 
recruitment 
management 
and  branding 
resources  that 
position  your 
company  in  front 
of  in-demand 
professionals 
who  are 
prospective 
candidates 
for  your 
IT  positions. 


Find  out  how 
you  can  reach 
over  1,200,000 
IT  professionals. 


Call  today  for 
details! 
800-762-2977 


COMPIFTERWQRLD 

IT 


% 


Computerworld  -  January  15,  2007 


RESOURCES 


www.computerworld.com 


S0MP1TERW0RLD  January  15, 2007 


HOW  ID  CONTACT 
COMPUTERWORLD 

We  invite  readers  to  call  or  write  with  their  comments 
and  ideas.  It  is  best  to  submit  ideas  to  one  of  the 
department  editors  and  the  appropriate  beat  reporter. 


Don  Tennant 

Editor  in  chief 

(508)620-7714 

Mitch  Betts 

Executive  editor 

(301)262-8243 

Julia  King 

Executive  editor,  events 

(610)  532-7599 

SECTION  EDITORS 

Craig  Stedman 

News  editor 

(508)820-8120 

Mike  Bucken 

Assistant  News  editor 

(508)820-8562 

Kathleen  Melymuka 

Features  editor 

(508)820-8118 

Ellen  Fanning 

Special  projects  editor 

(508)820-8204 

NATIONAL  CORRESPONDENTS 

Cary  Anthes 

(703)536-9233 

Thomas  Hoffman 

(845)988-9630 

Julia  King 

(610)532-7599 

Robert  L.  Mitchell 

(508)820-8177 

Carol  Sliwa 

(508)628-4731 

REPORTERS 

Matt  Hamblen  (508)820-8567 

Networking;  mobile/wireless; 
network/systems  management 

Heather  Havenstein  (919)  386-0381 
Business  intelligence;  application  development; 
Web  services;  application  server  software; 
health  care  industry 

Eric  Lai  (425)367-4359 

Windows,  Linux,  desktop  applications, 
databases,  financial  services  industry 

Linda  Rosencrance  (508)  628-4734 

General  assignment;  transportation  and 
automotive  industries 

Marc  L.  Songini  (508)820-8182 

ERP,  supply  chain  and  CRM  applications;  RFID; 
e-voting;  retail,  food  and  agribusiness  industries 

Patrick  Thibodeau  (202)333-2448 

Enterprise  systems;  Unix;  outsourcing  and 
immigration;  antitrust  issues 

Jaikumar  Vijayan  (630)  978-8390 

Corporate  security/privacy  issues; 
related  legislation  and  regulations 

Todd  R.  Weiss  (717)560-5255 

General  assignment;  open-source 
community;  intellectual  property; 
messaging/collaboration 


OPINIONS 

Mark  Hall 

Editor  at  large 

(503)391-1158 

Frank  Hayes 

Senior  news  columnist 

(503)252-0100 

COMPUTERWORLO.COM 

Scot  Finnie 

Online  editorial  director 

(508)  628-4868 

Sharon  Machlis 

Managing  editor/online 

(508)820-8231 

Ken  Mingis 

Online  news  editor 

(508)820-8545 

Marian  Prokop  (508)  620-7717 

Online  editor  at  large/Mobile  &  Wireless  editor 

David  Ramel  (508)820-8269 

E-mail  newsletters/Networking  channel  editor 

Johanna  Ambrosio  (508)  820-8157 

Online  servers  and  data  center  editor 

Angela  Gunn 

Security  channel  editor 

(206)388-2508 

Lucas  Mearian 

Storage  channel  editor 

(508)820-8215 

Valerie  Potter  (828)  350-8518 

Online  how-to  and  reviews  editor 

Ian  Lamont 

Senior  online  projects  editor 

(508)820-8187 

Joyce  Carpenter 

Online  projects  editor 

(508)820-8161 

RESEARCH 

Mari  Keefe 

Research  manager 

Gussie  Wilson 

Research  associate 


COPY  DESK 

Michele  Lee  DeFilippo  (508)  820  8126 

Managing  editor/production 

Bob  Rawson  (508)  271-8015 

Assistant  managing  editor/production 


Eugene  Demaltre,  Monica  Sambataro 

Senior  copy  editors 


Carla  Dempsey,  Donna  Sussman 

Copyeditors 


GRAPHIC  DESIGN 

Stephanie  Faucher  (508)  820-8235 

Design  director 

April  O'Connor 

Art  director 


Owen  Edwards 

Associate  art  director 


ADMINISTRATIVE  SUPPORT 

Linda  Gorgone  (508)  820-8176 

Office  manager 


CONTRIBUTING  EDITORS 

Jamie  Eckle  (617)596-1873 

Opinions,  features 

Preston  Gralla  preston@gralla.com 

Networking/Internet 


David  Haskin  dhaskin@earthlink.net 
Mobile  &  Wireless 


CONTRIBUTING  COLUMNISTS 
Michael  Gartenberg,  Paul  Glen, 
John  Halamka,  Thornton  A.  May, 
Bart  Perkins,  Virginia  Robbins, 
Bruce  A.  Stewart 


CONTRIBUTING  WRITERS 

Mary  Braudel,  Stacy  Collett, 

Russell  Kay,  Mary  K.  Pratt, 
Drew  Robb 


TELEPHONE/FAX 

Main  phone  number  (508)879-0700 
All  editors  unless  otherwise  noted  below 


Main  fax  number 

(508)875-8931 

24-hour  news  tip  line 

(508)620-7716 

E-MAIL 

■Our  Web  address  is 
www.computerworld.com. 

■  Staff  members'  e-mail  follows  this  form: 
firstnameJastname@computerworld.com. 

■  For  IDG  News  Service  correspondents: 
ftrstnamejastname@idg.com. 


LETTERS  TO  THE  EDITOR 

Letters  to  the  editor  are  welcome 
and  should  be  sent  to:  letters@computer- 
world.com.  Include  your  address  and 
telephone  number. 


MAIL  ADDRESS 

PO  Box  9171, 1  Speen  Street, 
Framingham,  Mass.  01701 

SUBSCRIPTIONS/BACK  ISSUES 

Subscription  rates: 

■U.S.,$99.99/year 

■  Canada,  $130/year 

■  Central  and  South  America,  $250/year 
■All  others,  $295/year 


Phone 

(888)559-7327 

E-mail 

cw@omeda.com 

Back  issues 

(888)559-7327 

REPRINTS/PERMISSIONS 


Contact 

Erik  Eberz 

Phone 

(717)  399-1900,  ext.  150 

E-mail  computerworld@reprintbuyer.com 

Visitwww.reprintbuyer.com  to  obtain 
quotes  and  order  reprints  online. 


COMPANIES  IN  THIS  ISSUE 

Page  number  refers  to  page  on  which  story  begins.  Company  names  can  also  be 
searched  at  www.computerworld.com 


3COM  CORP. . 8 

ACCENTURE  LTD . 28 

ACTIVEHEALTH 

MANAGEMENT  INC . 7 

ADOBE  SYSTEMS  INC . 10 

ADVANCED  MICRO 

DEVICES  INC . 8,  23,  24 

A.EROPORT  DE 

LUXEMBOURG . 12 

AETNA  INC . 7 

AFFORDABLE  INTERNET 

SERVICES  ONLINE  INC . 7 

AISO  NET . 7 

ALIBABA.COM  CORP . 12 

_ALISOFT.NET . 12 

'  APPLE  INC . 24.  38 

ATLANTIC  BEEF 

PRODUCTS  INC . 36 

BAIDU.COM  INC . 12 

BENQCORP . 12 

BENQ  MOBILE  GMBH . 12 

BETH  ISRAEL  DEACONESS 

MEDICAL  CENTER . 16 

BROCADE  COMMUNICATIONS 

SYSTEMS  INC . 10 

BROTHER  INDUSTRIES  LTD,  ,  .20 
BT  COUNTERPANE 

INTERNET  SECURITY  INC . 20 

CANON  INC .  20 

CAREGROUP 

HEALTHCARE  SYSTEM . 16 

CASIO  INC . 36 


CENTOS . 24 

CHICAGO  MERCANTILE 
EXCHANGE  HOLDINGS  INC. ...  6 
CHINA  INTERNET  NETWORK 

INFORMATION  CENTER . 12 

CINGULAR  WIRELESS  LLC. . .  24 
CISCO 

SYSTEMS  INC . 23.  24.  26 

CLERITY  SOLUTIONS  INC . 14 

CLOVER  TOYS . 36 

COGNOSINC . 15 

CORVUCORP. . 15 

DATALINK  CORP. . 6 

DELL  INC . 24 

EBAY  INC . 16 

ELECTRONIC  PRIVACY 

INFORMATION  CENTER . 6 

FORRESTER  RESEARCH  INC. .  .7 

FUJITSU  LTD . 20 

GARTNER  DATAQUEST  . 12 

GARTNER  INC . 16,  26.  30 

GETAFREELANCER.COM . 25 

GLOBALLEARNING 

RESOURCES  INC . 26,  27 

GOOGLE  INC . 12.  24,26 

HANNON  HILL  CORP . 8 

HARVARD  CLINICAL 

RESEARCH  INSTITUTE . 16 

HARVARD 

MEDICAL  SCHOOL . 16 

HENKEL  CORP . 26 

HENKEL  OF  AMERICA  INC. ...  26 


HEWLETT-PACKARD  CO.  . .  8. 10. 

. 20,  24 

HiREMINDS  LLC . 26,27 

HUAWEI 

TECHNOLOGIES  CO . 12 

HYPERfON 

SOLUTIONS  CORP . 15 

IBM . 7,8.10, 

. 12.14,20,24 

IDC . 7.  8, 15 

INDEPENDENT  ORACLE 

USERS  GROUP . 6 

INFOCROSSING  INC . 14 

INFOSYS 

TECHNOLOGIES  LTD . 27 

INNOVATE  IT . 25 

INTEL  CORP. . 6,12,23 

INTERNAL  REVENUE 

SERVICE . 10 

INTERNATIONAL  ASSOCIATION 
OF  OUTSOURCING 

PROFESSIONALS . 30 

INTERNATIONAL  ORACLE 

USERS  GROUP . 6 

INTERNATIONAL  STANDARDS 

ORGANIZATION . 30 

INTUIT  INC . 36 

JAPAN  GROUND 

SELF-DEFENSE  FORCE . 23 

JOINT  PHOTOGRAPHIC 

EXPERTS  GROUP . 22 

JUNIPER  NETWORKS  INC .  10 

LENOVO  GROUP  LTD . 24 

LEVERAGE  PARTNERS  INC. . .  30 
LEXMARK 

INTERNATIONAL  INC . 20 

LIBERTY  ARK  COALITION  ...  36 

LINKEDINCORP.  . 27 

MAS  STRATEGIES . 15 


MATROX  GRAPHICS  INC . 24 

McCORMICK  AND  CO . 18 

McDATA  CORP. . 10 

MERIT-TRAX 

TECHNOLOGIES  INC . 36 

MI5 . 12 

MICROSOFT  CORP . 6, 7,  8. 10. 

. 15, 16,  22,  23,  24,  26,  36 

MIT . 16,27 

MOTOROLA  INC . 12 

MOZILLA  FOUNDATION . 24 

MYSQL  AB . 10,26 


NATIONAL  E-PRESCRIBING 
PATIENT  SAFETY  INITIATIVE  ...  6 
NATIONAL  INSTITUTE  OF 


STANDARDS  AND 

TECHNOLOGY . 6 

NATIONAL 

SECURITY  AGENCY . 6 

NCR  CORP. . 10 


NEW  ENGLAND  HEALTH 
ELECTRONIC  DATA 
INTERCHANGE  NETWORK ...  .16 


NINTENDO  OF 

AMERICA  INC . 24 

NOKIA  CORP . 12 

NORTH  ATLANTIC 

TREATY  ORGANIZATION . 6 

NORTHEAST  ORGANIC 
FARMING  ASSOCIATION  OF 

MASSACHUSETTS . 36 

NYSE  GROUP  INC . 14 

ODESK  CORP . 25 

ORACLE  CORP. . 1,6.7, 


. 10. 15,  36 

ORGANIZATION  FOR  THE 
ADVANCEMENT  OF 
STRUCTURED 

INFORMATION  STANDARDS  ...7 


OUTLOOKSOFTCORP . 15 

PALM  INC . 24 

PENGUIN  COMPUTING  INC.. . .  24 

POSTINI  INC . 8 

PROPHECY 

INTERNATIONAL  PTY. . 1, 15 

PSION  TEKLOGIX  INC . 36 

RYZE  LTD . 27 

SALESFORCE.COM  INC . 8 

SANS  INSTITUTE . 20 

SAP  AG . 6,  8,  26,36 

SCANSAFE  SERVICES  LLC, ...  8 
SEAGULL  LIGHTING 

PRODUCTS  LLC . 7 

SECURELOGIX  CORP . 8 

SECURITIES  INDUSTRY 

AUTOMATION  CORP. . 14 

SEGA  OF  AMERICA  INC . 24 

SEIKO  EPSON  CORP . 20 

SENTEX  SENSING 

TECHNOLOGIES  INC . 12 

SERVICE  &  SUPPORT 
PROFESSIONALS 

ASSOCIATION . 8 

SIEMENS  AG . 12 

SILVERBACK 

SYSTEMS  INC . 10 

SOHU.COM  INC . 12 

SOLAR  ENERGY 
INDUSTRIES  ASSOCIATION  ...  .7 

SONY  CORP. . 24 

SUN 

MICROSYSTEMS  INC . 8,14 

SUNEDISON  LLC . 7 

SYMANTEC  CORP. . 6. 16.  20 

SYMBOL 

TECHNOLOGIES  INC . 12 

TAIWAN  SEMICONDUCTOR 
MANUFACTURING  CO . 12 


TATA  CONSULTANCY 

SERVICES  LTD . 27 

TECHNOLOGY  PARTNERS 

INTERNATIONAL  INC . 14 

TERADATA . 10 

THE  CONFERENCE 

BOARD  INC . 30 

THE  ECADEMY  LTD . 27 

THE  LIBERTY  ALLIANCE . 8 

THE  READER'S  DIGEST 

ASSOCIATION  INC . 14 

TIPPINGPOINT . 8 

TIVOLI  SOFTWARE . 7 

TRANSMETA  CORP . 6 

U.K.  SECURITY  SERVICE . 12 

U.S.  COAST  GUARD . 14 

U.S.  DEPARTMENT  OF 

AGRICULTURE . 36 

U.S.  DEPARTMENT  OF 

COMMERCE . 12 

U.S.  DEPARTMENT  OF 

DEFENSE . 6 

U.S.  DEPARTMENT  OF 
HOMELAND  SECURITY. . .  . . .  .14 
U.S.  DEPARTMENT  OF 

JUSTICE . 24 

U.S.  GOVERNMENT 

ACCOUNTABILITY  OFFICE . 14 

U.S.  TRANSPORTATION 
SECURITY  ADMINISTRATION  . .  14 

UNISPHERE  RESEARCH . 6 

UNISYS  BELGIUM  SA . 12 

UNISYS  CORP. . 12 

VISION  2  EXECUTION . 30 

WIPRO  LTD . 27 

XEROX  CORP. . 20 

YAHOO  INC . 12 


www.computerworld.com 


COMPNTERWSRLD  January  15, 2007 


35 


COMPUTERWORLD 

HEADQUARTERS 

One  Speen  Street,  P.O.  Box  9171 
Framingham.  MA  01701-9171 
Phone:(508)879-0700 
Fax:  (508)875-4394 

PRESIDENT/PUBLISHER/CEO 

Matthew  J.  Sweeney 
(508)  271-7100 

EXECUTIVE  ASSISTANT  TO  CEO/ 
CORPORATE  COMMUNICATIONS  MANAGER 

Laureen  Austermann 
(508)820-8522 


VICE  PRESIDENT/ 

GENERAL  MANAGER  ONLINE 

Martha  Connors(508)  620-7700 

VICE  PRESIDENT/MARKETING 

Matt  Duffy 
(508)820-8145 

VICE  PRESIDENT/ 

CUSTOM  CONTENT 

Bill  Laberis 
(508) 820-8669 

VICE  PRESIDENT/ 

HUMAN  RESOURCES 

Julie  Lynch 
(508)820-8162 

EXECUTIVE  VICE  PRESIDENT/ 
STRATEGIC  PROGRAMS 

Ronald  L.  Milton 
(508)  820-8661 

VICE  PRESIDENT/ONLINE  SALES 

Gregg  Pinsky 
(508)271-8013 

EXECUTIVE  VICE  PRESIDENT/COO 

Matthew  C.  Smith 
(508)820-8102 

VICE  PRESIDENT/ 

EDITOR  IN  CHIEF 

Don  Tennant 
(508)620-7714 

VICE  PRESIDENT/CIRCULATION 

Debbie  Winders 
(508)  820-8193 

CIRCULATION 

Sr.  Circulation  Specialist/Diana  Turco.  (508)  820-8167 

PRODUCTION 

Vice  President  Production/Carolyn  Medeiros:  Production  Manag¬ 
er/Kim  Pennett:  Print  Display  Advertising:  (508)  820-8232.  Fax: 
(508)  879-0446:  DISTRIBUTION:  Director  of  Distribution  and 
Postal  Affalrs/Bob  Wescott 


STRATEGIC  PROGRAMS  AND  EVENTS 

Vice  President  Strategic  Initiatives/Leo  Leger:  Vice  President  Busi¬ 
ness  Development/John  Amato:  Senior  Director.  Event  Sponsorship 
Sales/Ann  Harris:  Vice  President.  Event  Marketing  and  Conference 
Programs/Derek  Hulitzky:  Director,  Event  Management/Michael 
Meleedy:  Program  Director.  Computerworld  Honors/Sandy  Weill; 
Business  Development  Specialist/Colin  Longval:  Business  Develop¬ 
ment  Specialist/Chris  Leger;  Business  Development  Specialist/Amy 
McLellan;  Marketing  Manager/Timothy  Johnson;  Conference  Manag¬ 
er/Nancy  Felsheim;  Sr.  Marketing  Specialist/Duncan  Newell;  Execu¬ 
tive  Programs  Manager-Computerworld  Honors/Deborah  Lee;  Exec¬ 
utive  Programs  Manager-Executive  Assistant/  Kelly  McGill:  Custom 
Events  Specialist/Jean  Lee;  Operations  Specialist/Chris  Johnson: 
Web  Development  Specialist/Michelle  Remeny;  Customer  Service 
Coordinator/Josh  Ryan;Audience  Development  Coordinator/Shari 
Ebb.  One  Speen  Street.  Box  9171.  Framingham,  MA  01701-9171. 
(508)  879-0700.  Fax:  (508)  626-8524 


ONLINE  ADVERTISING 

Director  of  Online  Sales/Sean  Weglage,  (415)  978-3314,  Fax:  (415) 
543-8010:  Online  Sales  Manager,  East  Coast/James  Kalbach.  (610) 
971-1588:  Online  Account  Executive/April  Hughes,  (415)  978-3311, 
Fax:  (415)  543-8010;  Online  Account  Executive/Matthew  Wintringham. 
(508)  270-3882,  Fax:  (508)  270-3882;  Account  Services  Director/Bill 
Rigby.  (508)  820-8111,  Fax:  (508)  270-3882;  Online  Account  Execu¬ 
tive/Kathryn  Goiyl.  (508)  620-7760.  Fax:  (508)  270-3882:  Online  Ac¬ 
count  Services  Specialist/Stacey  Buchanan;  Online  Account  Services 
Specialist/Heidi  Squires;  Online  Sales  Assistant/Joan  Olson  (508)  270- 
7112'  One  Speen  Street.  Box  9171.  Framingham,  MA  01701-9171,  Fax: 
(508)270-3882 


IT  CAREERS  ADVERTISING  SALES  OFFICE 

Director  of  Sales/Laura  Wilkinson,  (847)  441-8877,  Fax:  (847) 
441-8878;  One  Speen  Street,  Framingham,  MA  01701 


LIST  RENTAL 

POSTAL:  Rich  Green.  (508)  370-0832.  e-mail:  rgreen 
@idglist,com.  E-Mail:  Christine  Cahill.  (508)  370-0808, 
e-mail:  ccahill@idglist.com.  MAILING  ADDRESS:  IDG  List  Ser¬ 
vices.  P.O.  Box  9151,  Framinghan^MA  01701-9151,  Fax:  (508) 


PRESIDENT/PUBLISHER/CEO 

Matthew  J.  Sweeney 
(508)  271-7100 
Fax:  (508)  270-3882 

SALES  INTEGRATION  DIRECTOR 

Laurie  Marinone 
(508)  628-4823 
Fax:  (508)  270-3882 


NORTHWESTERN  STATES  |  CENTRAL  STATES 


ACCOUNT  DIRECTOR:  Jim  Barrett  (415)  978-3306. 
ACCOUNT  EXECUTIVE:  Chris  Da  Rosa  (415)  978-3304, 
501  Second  Street,  Suite  114.  San  Francisco.  CA  94107. 
Fax:  (415)  543-8010 


BAY  AREA 


ACCOUNT  DIRECTORS:  Jim  Barrett  (415)  978-3306, 
Sara  Culley  (415)  978-3307;  ACCOUNT  EXECUTIVES: 
Chris  Da  Rosa  (415)  978-3304.  Emmie  Hung  (415)  978- 
3308. 501  Second  Street.  Suite  114.  San  Francisco.  CA 
94107.  Fax:  (415)  543-8010 


SOUTHWESTERN  STATES 


ACCOUNT  DIRECTOR:  Bill  Hanck  (949)  442-4006; 
ACCOUNT  EXECUTIVE:  Jean  Dellarobba  (949)  442- 
4053, 19200  Von  Karman  Avenue,  Suite  360.  Irvine.  CA 
92612.  Fax:  (949)  476-8724 


EASTERN  CENTRAL  STATES/  INDIANA 


ACCOUNT  DIRECTOR:  Peter  Mayer  (201)  634-2324; 
ACCOUNT  EXECUTIVE:  John  Radzniak  (201)  634-2323, 
650  From  Road  -  2nd  Floor,  Paramus,  NJ  07652.  Fax: 
(201)  634-9289 


ACCOUNT  DIRECTOR:  Bill  Hanck  (949)  442-4006; 
ACCOUNT  EXECUTIVE:  Jean  Dellarobba  (949)  442- 
4053, 19200  Von  Karman  Avenue.  Suite  360,  Irvine.  CA 
92612.  Fax:  (949)  476-8724 


NEW  ENGLAND  STATES 


ACCOUNT  MANAGER:  Deborah  Crimmings  (508)  271- 
7110:  SALES  ASSOCIATE:  Jess  Roman  (508)  271-7108. 
One  Speen  Street.  Framingham.  MA  01701.  Fax:  (508) 
270-3882 


METRO  NEW  YORK 


ACCOUNT  DIRECTOR:  Peter  Mayer  (201)  634-2324; 
ACCOUNT  EXECUTIVE:  John  Radzniak  (201)  634-2323, 
650  From  Road  -  2nd  Floor,  Paramus.  NJ  07652,  Fax: 
(201)  634-9289 


SOUTHEASTERN  STATES 


ACCOUNT  DIRECTOR:  Lisa  Ladle-Wallace  (904)  284-4972, 
5242  River  Park  Villas  Dr.,  St.  Augustine.  FL  32092,  Fax: 
(800)779-8622:  SALES  ASSOCIATE:  Jess  Roman  (508) 
271-7108,  One  Speen  Street,  Framingham,  MA  01701,  Fax: 
(508)  270-3882 


ADVERTISER'S  INDEX 


CA . 11 

www.ca.com 

Dell . 4 

www.dell.com 

Hewlett-Packard . 40 

www.hp.com 

IBM  Software . 19,  21 

www.ibm.com 

IT  WatchDogs  Inc . 32 

www.ITWatchDogs.com 

Kimball  Group . 29 

www.klmballgroup.com 

Microsoft  Exchange . 2-3 

mlcrosoft.com/exchange 

Mobile  &  Wireless  World 

Conference . 37 

www.mwwusa.com 

MyFax . 32 

myfax.com/assessl 

Network  Appliance . 39 

www.netapp.com 

Network  Instruments . 31 

networkinstruments.com/volp 

Rosetta  Stone . 32 

www.RosettaStoneusa.com/cws017 

SAS . 9 

www.sas.com 

Sharp . 13 

www.sharpusa.com 


This  Index  li  provided  as  an  additional  service.  The  publisher 
does  net  assume  any  liability  tor  errors  or  omfesione. 


INTERNATIONAL 
DATA  GROUP 

CHAIRMAN  OF  THE  BOARD 

Patrick  J.  McGovern 


PRESIDENT.  IDG  COMMUNICATIONS 

Bob  Carrigan 


COMPUTERWORLD  is  a  business  unit  of  IDG,  the 
world's  leading  technology  media,  research  and  event 
company.  IDG  publishes  more  than  300  magazines 
and  newspapers  and  offers  online  users  the  largest 
network  of  technology-specific  sites  around  the  worid 
through  IDG.net  (www.idg.net),  which  comprises  more 
than  330  targeted  Web  sites  in  80  countries.  IDG  is 
also  a  leading  producer  of  168  computer-related  events 
worldwide,  and  IDG's  research  company,  IDC,  provides 
global  market  intelligence  and  advice  through  5l 
offices  in  43  countries.  Company  information  is 
availableatwww.idg.com. 


Have  a  problem  with  your  Computerworld  subscription? 


We  want  to  solve  it  to  your  complete  satisfaction,  and  we  want  to  do  it  fast. 

Please  write  to  Computerworld,  P.O.  Box  3500,  Northbrook,  IL  60065-3500. 

Your  magazine  subscription  label  is  a  valuable  source  of  information  for  you  and  us.  You  can  help  us  by 
attaching  your  magazine  label  here,  or  copy  your  name,  address,  and  coded  line  as  it  appears  on  your 
label.  Send  this  along  with  your  correspondence. 


ADDRESS  CHANGES  OR  OTHER  CHANGES  TO  YOUR  SUBSCRIPTION 

All  address  changes,  title  changes,  etc.  should  be  accompanied  by  your  address  label,  if 
possible,  or  by  a  copy  of  the  information  that  appears  on  the  label,  including  the  coded  line. 


YOUR  NEW  ADDRESS  GOES  HERE: 


ADDRESS  SHOWN:  □Home  □Business 


NAME 

TITLE  COMPANY 

ADDRESS 


CITY  STATE  ZIP 

OTHER  QUESTIONS  AND  PROBLEMS 

it  is  better  to  write  us  concerning  your  problem  and  include  the  magazine  label.  Also,  address  changes 
are  handled  more  efficiently  by  mail.  However,  should  you  need  to  reach  us  quickly,  the  following  toll-free 
number  is  available:  (888)  559-7327  Outside  U.S.  call  (847)  559-7322. 

Internet  address:  cw@omeda.com 


COMPUTERWORLD  allows  advertisers  and  other  companies  to  use  its  mailing  list  for  selected  offers  we  feel  would  be 
of  interest  to  you.  We  screen  these  offers  carefully.  If  you  do  not  want  to  remain  on  the  promotion  list  please  write  to  the  fol¬ 
lowing  address  -  COMPUTERWORLD.  Circulation  Department,  One  Speen  Street.  Framingham.  MA  01701. 


www.computerworld.com 


CCMPtiTERWORLD  January  15, 2007 


NEWS 


Continued  from  page  1 

ID  Mandate 

and  the  public.” 

The  farmers  and  ranchers, 
and  the  industry  groups  that 
represent  them,  contend  that 
a  mandatory  NAIS  program 
would  impose  unnecessary 
costs  and  technical  challenges 
on  their  businesses. 

NAIS  calls  for  using  tech¬ 
nology  to  tag  and  track  cattle 
and  other  livestock  from  birth 
to  the  slaughterhouse.  No 
technology  has  yet  been  cho¬ 
sen  for  the  effort,  though  ana¬ 
lysts  expect  that  most  farmers 
would  use  radio  frequency 
identification  tags. 

The  program  aims  to  track 
animals  through  the  supply 
chain  to  help  health  officials 
find  the  source  of  meat-borne 
diseases  such  as  bovine  spon¬ 
giform  encephalopathy,  also 
known  as  mad  cow  disease. 

Officials  at  the  U.S.  Depart¬ 
ment  of  Agriculture,  which 
oversees  the  program,  last 
week  insisted  that  participa¬ 
tion  in  NAIS  will  remain 
voluntary  and  that  the  agency 
won’t  limit  participants  to  us¬ 


ing  a  specific  technology. 

But  Peterson  argued  that  the 
effort  has  yet  to  see  much  suc¬ 
cess  and  needs  a  boost. 

“USDA’s  success  in  imple¬ 
menting  the  NAIS  to  date  has 
been  limited  at  best,”  Peterson 
said.  “Nearly  $100  million  has 
been  spent  to  establish  the 
system,  and  yet  we  still  do 
not  have  a  functioning  system. 
Many  other  countries,  includ¬ 
ing  Canada  and  Australia, 
established  functioning  pro¬ 
grams  at  a  lower  cost  than  we 
have  already  spent.” 

Frank  Albani,  president  of 
the  Northeast  Organic  Farm¬ 
ing  Association  of  Massachu¬ 
setts,  an  organization  based  in 
Barre,  Mass.,  that  counts  900 
small  farmers  among  its  mem¬ 
bers,  argued  that  NAIS  will 


benefit  only  RFID  gear  ven¬ 
dors  and  large  meat  producers 
and  retailers  while  hurting 
small  farmers.  “They  have 
[tracking]  systems  in  place  in 
Ireland  and  Australia,  and  they 
cost  an  exorbitant  amount  of 
money,”  Albani  said. 

Large  agribusinesses  have 
already  installed  systems  to 
track  animals  or  meat  that 
is  shipped  cross-country  or 
internationally,  he  noted.  On 
the  other  hand,  smaller  farm¬ 
ers  generally  sell  their  wares 
locally,  so  such  a  program  isn’t 
needed  for  them,  Albani  said. 

‘Points  of  Failure’ 

Karin  Bergener,  founder  of  the 
Hollow  Rock,  Tenn.-based  Lib¬ 
erty  Ark  Coalition,  said  that 
the  exact  cost  of  using  RFID 
chips  on  animals  remains 
undetermined.  However,  she 
said  that  her  group,  which  was 
established  to  fight  NAIS,  has 
estimated  that  costs  in  coun¬ 
tries  such  as  the  U.K.  and  Aus¬ 
tralia  can  run  as  high  as  $69 
per  head  of  cattle,  a  total  that 
could  erase  the  profit  margin 
for  some  species. 

She  also  noted  that  “the 
points  of  failure  involved  with 


Microsoft  Set  to  Unveil  Retail  App  Upgrade 


Plans  to  announce  upgrades  to  retail 
management,  point-of-sale  software 


BY  MARC  L.  SONGINI 

Microsoft  Corp.,  Oracle  Corp. 
and  SAP  AG  all  plan  to  unveil 
new  offerings  this  week  at  the 
National  Retail  Federation 
2007  conference  in  New  York. 

Microsoft  will  introduce 
the  Microsoft  Dynamics  Point 
of  Sale  2.0  and  Microsoft  Dy¬ 
namics  Retail  Management 
System  2.0  applications  dur¬ 
ing  the  conference,  according 
to  Jen  Larson,  senior  product 
manager  for  Microsoft’s  point- 
of-sale  offerings. 

Point  of  Sale  2.0  is  tailored 
for  cash  registers  at  single¬ 
store  operations  and  has  been 
enhanced  to  make  cashiers 


more  efficient,  Larson  said. 

The  application  also  fea¬ 
tures  integration  with  Micro¬ 
soft  Office  Accounting  Profes¬ 
sional  2007  software,  she  said. 

Microsoft’s  point-of-sale  ap¬ 
plication  has  already  delivered 
greater  flexibility  in  cashier 
operations  at  beta  tester  Clo¬ 
ver  Toys,  according  to  Sarah 
Furstenberg,  owner  of  the  Se¬ 
attle-based  specialty  toy  store. 

With  the  new  Microsoft 
software,  it’s  easier  to  custom¬ 
ize  the  screens  on  Clover’s 
Casio  Inc.  cash  registers,  she 
said,  adding  that  it’s  also  easier 
to  teach  new  employees  to  use 
the  system. 


Other  New  Apps 


■  Retail  Returns  Manage¬ 
ment,  an  application  for  integrat¬ 
ing  returns  processes  and  prevent¬ 
ing  fraud 

■  The  integrated,  business- 
intelligence-based  Promotional 
Planning  &  Optimization  app 


SAP  AG 


■  Master  Data  Management 
for  Retail  to  help  retailers  syn¬ 
chronize  employee  and  product 
information 

■  SAP  Zone  Optimization  de¬ 
cision-support  tool  to  boost  profit 

Additionally,  the  retailer  ex¬ 
pects  to  soon  take  advantage 
of  Point  of  Sale  2.0’s  integra¬ 
tion  with  Accounting  Profes- 


such  a  database  are  almost 
impossible  to  count.”  Bergener 
also  raised  privacy  concerns, 
contending  that  the  technol¬ 
ogy  could  also  be  used  to  track 
animal  owners. 

Pushback  from  producers 
prompted  the  USDA  in  No¬ 
vember  not  to  switch  from  a 
voluntary  program  to  a  manda¬ 
tory  one,  an  agency  spokesman 
said.  At  the  time,  the  USDA 
also  shifted  technical  and 
implementation  responsibility 
to  state  governments.  “We  be¬ 
lieve  the  best  program  respects 
states’  rights,”  he  said.  “It’s  up  to 
the  states  [to  determine]  if  they 
want  to  make  it  mandatory.” 

So  far,  only  Michigan  has 
moved  to  require  mandatory 
compliance  with  the  rules.  All 
cattle  in  that  state  must  have 
RFID  tags  by  March  2007. 

The  USDA  spokesman 
noted  that  the  department  has 
spent  about  $84  million  thus 
far  to  implement  NAIS. 

Meanwhile,  Peterson  is  call¬ 
ing  on  his  colleagues  in  Con¬ 
gress  to  seek  ways  of  making 
NAIS  implementation  cheap, 
efficient,  secure  and  manda¬ 
tory.  No  timeline  has  been  set 
to  discuss  his  proposal. » 


sional  to  eliminate  manual 
bookkeeping  processes,  she 
said,  noting  that  Clover  cur¬ 
rently  uses  Intuit  Inc.’s  Quick- 
Books  application. 

Microsoft  will  also  an¬ 
nounce  Retail  Management 
System  2.0,  said  Larson, 
which  is  tailored  for  small  to 
midsize  stores.  That  applica¬ 
tion  has  been  updated  to  help 
users  more  easily  manage 
complex  inventory  processes, 
she  said. 

Pricing  for  Microsoft’s  point- 
of-sale  software  starts  at  $799 
for  a  single  store;  Microsoft 
Dynamics  Retail  Management 
System  starts  at  $1,190  for  a 
single  store. 

Oracle  and  SAP  officials  said 
that  during  the  conference, 
each  company  plans  to  unveil 
two  products  targeting  retail 
customers.  > 


Canadian  Beef 
Processor 
Touts  RFID 

USING  an  RFID  tracking  sys¬ 
tem  for  animals  can  boost  effi¬ 
ciencies  and  provide  benefits  to 
small  meat  producers 
and  processors,  ac¬ 
cording  to  a  Canadian 
company  using  such  a 
system. 

Some  small  farm¬ 
ers  and  ranchers  in 
the  U.S.  are  resisting 
efforts  by  federal  and 
state  governments  to  imple¬ 
ment  a  system  for  tracking 
animals.  Those  farmers  have 
argued  that  the  costs  of  such 
a  system  could  prove  to  be 
prohibitive  and  that  privacy 
concerns  have  not  yet  been 
addressed. 

However,  using  RFID 
systems  to  track  livestock  has 
proved  beneficial  to  the  sup¬ 
pliers  of  animals  to  Atlantic 
Beef  Products  Inc.,  said  Paul 
Arsenault,  controller  at  the  beef 
processing  operation  in  Albany, 
Prince  Edward  Island. 

Arsenault  said  that  Atlantic 
Beef’s  tracking  system  uses 
readers  from  Psion  Teklogix 
Inc.  in  Mississauga,  Ontario, 
and  software  from  Merit-Trax 
Technologies  Inc.  in  St.  Laurent, 
Quebec. 

The  cows  are  tagged  with 
passive  RFID  chips  by  farmer 
clients  of  the  processor  and 
are  tracked  from  the  barn  to 
the  processing  plant  “till  they’re 
out  the  door,"  Arsenault  said. 
Atlantic  Beef  processes  about 
500  animals  per  week  for  about 
225  farmers. 

The  system  enables  real-time 
monitoring  and  automates  the 
delivery  of  data  for  invoicing, 
food  labeling  and  shipping. 

Arsenault  said  that  using 
RFID  tags  ensures  that  small 
farmers  get  credit  -  and  are  paid 
-  for  the  exact  amount  of  beef 
they  ship  to  the  processing  plant. 

-MARCL.  SONGINI 


ARSENAULT: 
RFID  benefits 
livestock 
suppliers. 
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Top  IT  managers  responsible  for  mobile 
and  wireless  initiatives  will  gather  in 
an  executive  forum  at  Computerworld's 
5th  annual  Mobile  &  Wireless  World 
Conference  to: 

•  Hear,  discuss  and  witness  practical 
strategies  for  planning,  designing 
and  building  mobile  and  wireless 
platforms  and  strategies 

•  Gain  first-hand  experience  for 

understanding  and  addressing  the 
critical  challenges  for  mobile  and 
wireless  success 

•  Take  away  actionable  information 

for  making  better  mobile  and  wireless 
decisions  with  speed  and  confidence 

•  Learn  about  developing  technologies 

and  the  latest  tools  and  applications 

•  Examine  the  industry’s  major  issues 
and  challenges 

•  Network  with  other  IT  executives  with 
similar  mobile  and  wireless  mandates 


Featured  presenters  include: 


ANTONIO  R.  CAESAR 

Chief  Information  Officer,  Head  USA,  Inc. 
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Chief  Wireless  Officer,  eBusiness, 

Fidelity  Investments 
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Meet  potential  partners 
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FRANK  HAYES  ■  FRANKLY  SPEAKING 


The  iPhone  Idea 


AND  NOW,  THE  IPHONE.  Smack  in  the  middle  of  gadget 
season  —  when  users  are  figuring  out  their  high-tech 
holiday  gifts  and  hot  new  items  are  coming  out  of 
the  Consumer  Electronics  Show  —  here  comes  Apple’s 
entry:  a  $500  cell-phone-cum-iPod-cum-wireless-Web- 
browser  that  has  stolen  the  limelight  from  everything  else. 

Is  it  really  as  stuffed  with  innovative  features  as  Steve  Jobs  made  it 
sound  from  the  stage  at  Macworld  Expo  last  week?  Nah.  Most  of  those 
features  have  been  around  in  one  form  or  another  for  years.  Apple  just 
put  them  all  together. 

Which  is  part  of  what  makes  the  iPhone  such  a  brilliant  idea  —  and 
such  a  terrible  example  for  corporate  IT. 


Widescreen  pocket  media  player?  Been  done. 
Handheld  Web  browser?  Been  done.  Quad-band 
GSM  phone?  Been  done,  in  almost  every  way 
imaginable.  Camera?  Wi-Fi?  Bluetooth?  Old  news. 
Even  the  all-touch-screen  phone  interface  Jobs 
gushed  over  (“We’re  going  to  use  the  best  point¬ 
ing  device  in  our  world  —  we’re  born  with  10  of 
them,  our  fingers”)  has  been  around  since  2001. 

Yes,  Apple  tweaked  those  features,  polished 
them  up  and  added  some  small  enhancements 
like  “the  pinch”  for  zooming  in  on  Web  content. 
Mostly,  though,  Apple  took  a  big  pile  of  things 
that  already  work  and  then  stitched  them  togeth¬ 
er  into  something  new. 

But  does  Apple  know  what  users  will  actually 
do  with  the  iPhone?  Nope.  Jobs  all  but  admitted 
that  last  week  when  he  claimed  he  was  introduc¬ 
ing  three  new  products  before  unveiling  the  one 
real  thing. 

No  doubt  the  people  who  worked  for  years  to 
create  the  iPhone  believe  they’ve  created  a  beau¬ 
tifully  integrated  all-in-one  gadget.  It’s  elegant. 
It’s  stylish.  But  it’s  a  gadget  whose  real  purpose 

—  and  future  —  depends  on  its  users. 

Maybe  users  will  just  decide  it’s  the  world’s 

best  (and  most  expensive)  iPod. 

Maybe  they’ll  see  it  mainly  as  the 
perfect  pocket-size  Web-browsing 
device.  Maybe  Apple’s  cachet  is  so 

-  strong  that  some  people  really  will 
want  it  as  a  $500  cell  phone. 

Most  likely,  early  iPhone  buyers 
will  end  up  mixing  and  matching 
those  functions.  They’ll  figure  out 
what’s  useful  and  what’s  not.  They’ll 
discover  uses  that  never  occurred  to 
the  iPhone’s  designers. 

And  a  year  from  now,  those  early 
adopters  will  have  made  clear  to 
Apple  what  should  come  next  — 
whether  that  means  a  big-screen 


iPod  that’s  just  an  iPod,  an  even-more-beefed-up 
Web/phone  combo,  or  just  a  big  hole  in  Apple’s 
product  line  where  the  iPhone  used  to  be. 

For  Apple,  the  iPhone’s  identity  crisis  is  a 
gamble  —  and  an  opportunity  to  let  users  tell  the 
company  what  the  product  is  good  for.  Listening 
to  those  users  isn’t  just  a  good  idea.  It’s  crucial. 
They’ll  tell  Apple  how  to  be  successful. 

So,  why  is  that  such  an  awful  example  for  us? 

In  IT,  we  need  to  listen  to  users  too.  To  be  suc¬ 
cessful,  we  have  to  pay  attention  to  what  users 
actually  do  with  the  software  and  hardware  we 
deploy.  Those  people  are  the  ones  who  can  tell 
us  what’s  right  and  wrong  with  our  systems,  and 
show  us  problems  and  advantages  we’d  other¬ 
wise  never  know  about. 

But  we  don’t  have  the  luxury  of  years  to  build 
applications  that  bundle  together  a  lot  of  good 
ideas.  We  can’t  afford  an  identity  crisis.  And  we 
definitely  can’t  risk  waiting  until  after  we’ve 
dropped  a  system  in  users’  hands  to  find  out 
whether  we’re  on  the  right  track. 

Our  job  is  to  cut  that  risk  —  with  prototypes, 
user  input  and  feedback,  and  plenty  of  hands-on 
testing  as  we  develop  a  system.  Sure,  we  know 
what  works.  That’s  not  enough.  We 
need  to  learn  what  our  users  will  do 
with  it.  And  we  need  to  learn  that 
early  and  often. 

We  have  the  opportunity  to  know 
what  our  users  need  before  we  fin¬ 
ish  our  elegant,  stylish  work.  And 
we  can’t  afford  not  to. 

So,  as  we  all  lust  after  Apple’s 
shiny  new  gadget,  just  remember 
this:  The  iPhone  may  be  a  brilliant 
success  —  or  an  elegant  failure.  No 
one  knows  for  sure  yet. 

But  we  can  be  sure  that  what 
works  for  the  iPhone  is  still  a  very 
bad  idea  for  IT. » 


FRANK  HAYES,  Computer- 
world's  senior  news  columnist, 
has  covered  IT  for  more  than 
20  years.  Contact  him  at  frank. 
hay9s@camputerw0rld.com. 


Priorities 

Lightning  strikes  a  company’s  telephone  network, 
and  this  pilot  fish  and  his  cohorts  manage  to  get  the 
new  PBX  up  and  programmed  in  a  week.  They  know 
such  fast  work  will  leave  problems,  which  they’re 
handling  first  come,  first  served.  But  one  problem 
quickly  jumps  to  top  priority:  The  help  desk  phone 
line  has  been  routed  to  the  plant’s  waste  treatment 
facility.  “What  made  it  worse  is  that  the  waste  treat¬ 
ment  operator,  a  nice  guy  but  with  limited  computer 
experience,  started  giving  out  computer  advice,”  fish 
says.  "The  results  were  predictable:  We  could  see 
our  approval  rating  plummeting,  and  repairing  his 
phone  went  to  the  top  of  a  very  long  list.” 


SHARK 

TANK* 


on  each  user’s 
machine,”  re¬ 
ports  an  insider 
pilot  fish.  “He 
said  the  de¬ 
velopers  created  the 


Oops! 

Receptionist 
has  a  floor 
pedal  under 
her  desk  that 
controls  the  lock  on  this 
company’s  lobby  door,  programs  with  this  envi- 
so  she  can  let  in  visitors  ronment,  and  it  must  be 
from  the  main  build-  duplicated  on  the  users’ 
ing  lobby.  “It  stopped  machines  in  order  to 
working  one  day,  so  she  work  reliably.  So  all  the 
called  a  tech  to  check  users  got  some  really 
it  out,”  says  a  pilot  fish  nice  computer  upgrades 
there.  “He  traced  the  just  to  install  the  devel- 
wire  to  the  space  our  opment  environment.” 
old  security  office  used 

Fear  Her 


to  occupy  -  space  that 
had  been  sublet.  The 
remodeling  crew  had 
gutted  the  area  and,  of 
course,  clipped  the  wire. 
We’ll  have  the  new  lock 
control  installed  in  a 
week.  In  the  meantime, 
the  door  to  the  lobby  is 
propped  open.” 
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Gee,  Thanks 

This  company  has  built 
its  own  enterprise  ap¬ 
plications,  and  the  IT 
department’s  develop¬ 
ers  have  high-end  work- 


Pilot  Ash  pages  one 
of  his  technicians  for 
several  hours  but  gets 
no  response.  When  he 
Anally  spots  the  tech 
in  a  hallway.  Ash  asks 
why  he  hasn’t  answered 
the  page.  “My  pager  is 
broken  - 1  dropped  it  in 
the  toilet,”  tech  says. 
Well,  go  to  the  woman 
in  charge  of  our  com¬ 
pany's  cell  phones  and 
get  it  replaced.  Ash  says. 
“I’m  afraid  to.”  says 
tech.  “Last  week,  I  had 


stations  loaded  with  it  replaced  because  my 
C++  compiler,  libraries  dog  bit  it  and  broke  the 
and  linker  -  no  surprise  screen,  and  replaced 
there.  “But  the  director  again  when  I  dropped 
of  software  develop-  it  while  standing  on  a 
ment  insisted  that  the  ladder.  She  threatened 
entire  development  en-  to  hurt  me  if  I  damage 
vironment  be  installed  another  one.” 
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O  DON’T  FEAR  THE  SHARK.  Just  send  me  your  true 
tale  of  IT  life  at  sharky@computerworld.com.  You’ll 
get  a  stylish  Shark  shirt  if  I  use  it.  Check  out  Sharky's  blog, 
browse  the  Sharkives  and  sign  up  for  Shark  lank  home  deliv¬ 
ery  at  computerworld.com/sharky.  And  join  the  feeding 
frenzy  at  Shark  Bait  -  the  place  to  sound  off  about  all  things 
IT -at  sharkbait.computerworid.com. 
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YOU  ALWAYS  HAD  THE  BRAINS. 

IT  WAS  THE  TECHNOLOGY 
THAT  WAS  A  LITTLE  SCATTERED. 


The  HP  BladeSystem  c-Class  with  Insight  Control  Management. 

The  intuitive  HP  BladeSystem  c -Class  thinks  just  like  you  do  —  letting 
you  monitor  your  infrastructure  while  helping  to  analyze  your  future 
needs.  First,  HP's  OnBoard  Administrator  gives  you  out-of-the-box 
setup  and  configuration  combined  with  power,  cooling  and  enclosure 
management.  After  that,  the  Insight  Control  software  steps  in  to  let 
you  control  the  rest  of  your  environment,  locally  or  remotely.  And 
thanks  to  the  integrated  Insight  Display  —  our  unique  LCD  screen  — 
you  can  interact  right  at  the  source  to  manage,  deploy  or  troubleshoot. 

Simply  plug  in  the  HP  ProLiant  BL460c  server  blade,  featuring 
Dual-Core  Intel  Xeon  Processors,  and  you'll  get  faster  performance 
and  versatility  to  support  32-  and  64-bit  computing  environments. 

Use  the  HP  BladeSystem  c-Class  for  your  business  and  you'll 
experience  greater  control  over  your  time  and  resources. 

Pj  Experience  the  HP  BladeSystem  and  download  the  I  DC  White 
' — ‘  Paper  "Enabling  Technologies  for  Blade  Management." 


Click  YouAlwaysHadlt.com/brains4 

Call  1-866-625-4090 
Visit  your  local  reseller 


Dual-Core  is  a  new  technology  designed  to  improve  performance  of  multithreaded  software  products  and  hardware-aware  multitasking  operating  systems  and  may  require  appropriate  operating  system  software  for  full  benefit;  check  with  software 
provider  to  determine  suitability;  not  all  customers  or  software  applications  will  necessarily  benefit  from  use  of  this  technology.  Requires  a  separately  purchased  64-bit  operating  system  and  64-bit  software  products  to  take  advantage  of  the 
64-bit  processing  capabilities  of  the  Dual-Core  Intel  Xeon  Processor.  Given  the  wide  range  of  software  applications  available,  performance  of  a  system  including  a  64-bit  operating  system  will  vary.  Intel’s  numbering  is  not  a  measurement  of 
higher  performance.  Intel,  the  Intel  Logo.  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  The  information  contained  herein  is  subject  to  change 
without  notice.  ©2006  Hewlett-Packard  Development  Company,  L.P 


